Most guides for deploying SSTP on RRAS recommend setting up a private CA using AD CS, with all the necessary steps that come with that to issue a server authentication certificate and have it trusted by the clients.
From what I've read, it's also perfectly possible to set up SSTP using a publicly signed certificate. To my mind, if you don't already have a CA and don't have other requirements that necessitate deploying your own CA, then going to the effort of deploying and maintaining one for something so basic seems like overkill. Certificates can be obtained so cheaply these days, and clients will automatically trust the certificate, regardless of whether they're domain joined. Other advantages come to mind that I won't list here.
Is there a factor that I'm missing here that explains why most guides choose to go down the route of deploying AD CS even for the most basic setup, or is my thinking pretty sound?