Hey guys,

I'm using 1 virtual machine running Windows Server 2022, and another virtual machine running windows 10 pro to host a web application. The device I'm using for this is a Windows 10 desktop.

So I'm doing some experimentation with my virtual environment to build up experience with IAM starting with AD.

I'm looking into getting practical experience with encrypting a connection to my application (one that I programmed) using an SSL certificate.

The steps I took are this. I installed the AD CS on my windows server where the web app is domain joined to it. From configuring it, I have a root CA. On the web app machine, I installed IIS and configured my web app there. I created a certificate request using IIS (I made sure to pass in the domain name of the machine I'll be putting the certificate in), which I transferred back to my domain controller, and used the certutil command to issue a certificate from my domain's root CA.

From there, I added that certificate to the IIS web server on the machine where I'm hosting the web app, not the domain controller. The AD root CA certificate was automatically added to the trust store so the certificate that was issued to me from the AD CA i had to install them on my client machines. However, when I accessed my web app through the browser, it says the certificate I'm using is invalid, therefore my connection is not secure. It says this when I tried to access from local machine and it also says this when I try to access it from a virtual machine.

Because I created my root CA from windows server AD, it would be an internal domain. Even if I took the right steps, would the web browser always see my certificate as invalid?