I need to renew a PKI signed Cert for a bunch of MDS switches
I'm looking for confirmation that:
a) I do not need to delete the entire trustpoint and prior RSA keys and CA's (we have a chain of three)
b) I can just request a new CSR with the standard process c..... ca enroll <trustpointName>
c) when the CSR is signed, and I install it, the prev signed Cert will naturally expire and it will be cleaned up i.e. I can delete it with 'delete certificate'