Current we use ldap from application connect to Active Directory . Now we want change to LDAPS .we have CA internal and see in every server active directory has one certificate with the same name of active directory. So should use CA internal or self certification ? and when create certification need CN contain all name server of Active Directory ? and application (Ldap client) need import which certificate to can connect to Active Directory by LDAPs ?