We are planning our Direct Access environment now and plan to also use SSTP VPN on the same box.
I understand that the best practice is to use a certificate published by a public CA for the outward facing IP-HTTPS listener and we plan to do this however during testing we would like to use a certificate created from our internal CA. If our testing phase
is successful and we plan to go ahead we would then buy a public CA certificate and replace the internally created one.
I would just like to know how much of an issue/hassle it would be to do this. I believe that during the DA setup wizard it automatically inserts the certificates you provide. Is it a problem to change it afterward? Do you have uninstall DA and run through the
wizard again? Thanks.