Need solution for Wireless LAN security using PEAP. I'd like to hear from some experts on this.
1) If I set up a Microsoft certificate authority in my Windows 2003 domain, would the workstations automatically trust certificates issued by this CA or would I need to download the root certificate into each workstation? If it's the latter, I'm guessing an automatic deployment via AD is possible?
2) Is setting up a certificate authority a more secure option than simply self signing a certificate using a tool included in IIS resource tools called SelfSSL. I mean the private kay wouldn't be distributed ever so why should it be insecure compared to setting up an internal CA?
Link to SelfSSL - http://support.microsoft.com/kb/840671#11
3) If I go with a public CA like Verisign, does that mean I don't need to set up any CA server internally at all?
Thank you all