
My AD domain name is domainname.local. I have Certificate Services set up to issue certs for this domain.

I now want to add domainname.com as an AD integrated zone and have Certificate Services issue certificates for this new domain as well.

Is it possible to do this? If yes, where do I begin? Any thoughts would be most appreciated. Thanks.

1 Answer


Names on certificates issued by servers running AD Certificate Services (or any certificate authority, really) are (or can be) completely unrelated to any namespace in DNS or Active Directory. There is generally nothing requiring they be linked.

If I choose to, I can issue a certificate from my internal certificate authority for serverfault.com or google.com. All you have to do is supply that information in the request.

You can see evidence of this every day by checking the issuer of every secure site you visit and seeing that the certificate is (usually) issued by an entity that has no relationship to the name on the cert.

Semicolon
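To make the answer's point concrete, here is an added example (not from the original post or answer) of supplying the new name in the request: a certreq INF that asks an enterprise AD CS CA for a certificate with a Subject Alternative Name in domainname.com, then submits it and checks the issued certificate. The host name www.domainname.com, the CA config string and the use of the built-in WebServer template are assumptions.

```powershell
# Added example, not the answerer's own code. Assumed: host www.domainname.com,
# CA config "CA01.domainname.local\domainname-CA01-CA", built-in WebServer
# template (Subject name: "Supply in the request"). Run on a domain-joined
# machine whose computer account has Enroll permission on that template.
$inf = @'
[Version]
Signature = "$Windows NT$"

[NewRequest]
Subject = "CN=www.domainname.com"
KeyLength = 2048
KeySpec = 1
KeyUsage = 0xA0
MachineKeySet = TRUE
Exportable = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
RequestType = PKCS10
HashAlgorithm = sha256

[Extensions]
; 2.5.29.17 is the Subject Alternative Name extension. The CA copies it from
; the request because the template lets the requester supply the subject;
; no CA-wide "accept SAN from any request" policy flag is needed for this.
2.5.29.17 = "{text}"
_continue_ = "dns=www.domainname.com&"
_continue_ = "dns=domainname.com&"

[RequestAttributes]
CertificateTemplate = WebServer
'@

Set-Content -Path .\www.inf -Value $inf -Encoding ASCII

# Generate the key pair and PKCS#10 request from the INF.
certreq -new .\www.inf .\www.req

# Submit to the enterprise CA (assumed config string) and install the result.
$caConfig = 'CA01.domainname.local\domainname-CA01-CA'   # assumed
certreq -submit -config $caConfig .\www.req .\www.cer
certreq -accept .\www.cer

# Verify the issued names: expect "DNS Name=www.domainname.com" and
# "DNS Name=domainname.com" under the Subject Alternative Name extension.
certutil -dump .\www.cer | Select-String 'DNS Name='
```

Because a template that allows the subject to be supplied in the request lets any permitted enroller choose the name, keep Enroll rights on that template limited to the accounts that actually need it.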