We have enabled LDAPS on the DCs and that means that each of them has it own personal certificate.
Some application owners (java untill now) request from us that pesonal certificate of the domain controller in order to embended it to their application.
I would like to ask if to give the personal certificate of a domain controller to a member server is a valid practice and if that could be mean a security issue.
Thank you