Hi;
I'm using an external CA (which is a Windows server 2008 machine in my lab with CA role installed on it) and obtained/installed a certificate for ISE for EAP, Portal and other purposes from that CA.
With regards to Certificate Provisioning, does ISE use its Node Certificate (as I said it has been obtained from my internal root CA) to sign subsequent certificate requests by its own or I should define external CA to sign those requests on Administration > System > Certificates > External Certificate Settings page?