Hi,
Currently a customer has an ISE with a self-signed certificate for admin and EAP Authentication, and we are looking to renew this certificate without having to use the propagation of this certificate by GPO in the AD.
My question is, if the client has an internal CA as their AD or other, when the certificate is renewed, all users will have the renewed certificate? Or must it be propagated by GPO?
My understanding is that this is not necessary with a certificate signed by an external CA such as DigiCert, but I want to know if the same thing happens with an internal CA such as the AD.