We currently provide LDAPS to our customers. Right now the certificates that we load on our DC uses the DC name and the clients connect using that name. We'd like to set up a DNS alias like: ldap.company.net. I tried generating a cert named ldap.company.net and loaded it on a DC; however, the clients were unable to connect.
Does anyone know if MS has a restriction that will not allow a cert to be loaded for LDAPS if the name on the cert is not the same as the DC?
Thanks
