Pro and Con of External vs Internal CA

I'm getting ready to Install ZEN 10 on a server and I'm trying to figure out weather it would be better to use an internal or external CA. I'm installing ZEN 10 on a SLES 10 SP1 server. I have no problem using an external CA and have already created the certificates using eDirectory. I just need to know what I gain or lose. Is there some advantage or disadvantage to using one or the other.

Tags:

  • Generally it would be better having your CA outside of ZCM. Novell do
    not provide that many tools for managing the CA. additionally there is
    know redundancy as the CA is stored on the one server, whereas, one
    would assume you have more than one replica of your partition that holds
    your security container. Yes you can back it up but would that occur as
    frequently as eDir replication.
  • Generally it would be better having your CA outside of ZCM. Novell do
    not provide that many tools for managing the CA. additionally there is
    know redundancy as the CA is stored on the one server, whereas, one
    would assume you have more than one replica of your partition that holds
    your security container. Yes you can back it up but would that occur as
    frequently as eDir replication.
  • Generally it would be better having your CA outside of ZCM. Novell do
    not provide that many tools for managing the CA. additionally there is
    know redundancy as the CA is stored on the one server, whereas, one
    would assume you have more than one replica of your partition that holds
    your security container. Yes you can back it up but would that occur as
    frequently as eDir replication.