Comment by AtNightWeCode
3 years ago
A public CA is for having a third-party entity so two different parties do not need to trust each other. So, the answer is no. Why would you even consider this for internal communication?
3 years ago
A public CA is for having a third-party entity so two different parties do not need to trust each other. So, the answer is no. Why would you even consider this for internal communication?
Installing a root CA on devices is risky.
From the article:
> It means your employees aren't constantly fighting browser warnings when trying to submit stuff internally.
If your employees gets a habit of ignoring certificate warnings then you have much bigger problems than leaking internal domain names.
Clients should not ignore the certificate warnings. You install the certificates on the client machines.