I need to issue computer certificates to be used for EAP-FAST machine authentication but unfortunately site has issues with MS CA so I'm wondering if I can use ISE internal CA to do the same task ? I know there is certificate provisioning portal but it seems it issue user certificates only.
Why EAP-FAST? Why not TEAP? Why use Cisco Secure Client NAM at all? The ISE internal CA is only designed for BYOD use-cases. It should not be used for an enterprise CA. I would focus efforts on fixing the issues with MS Active Directory Certificate Services.
I think i managed to do it for a difficult customer a while back but as mentioned earlier by other poster, it is not designed nor recommended. there is no option to renew a cert etc... best to use a MS internal CA that is what majority of customer use especially if you have a windows machines or use a MDM/intune..
