I am planning a large ISE upgrade - 2.1 to 2.3. At the same time the desire is to move from SHA1 certificates on ISE to SHA2 certificates. The question is how will clients react and when to upgrade clients to SHA2 with 802.1x in place.
If a windows PC has both SHA1 and SHA2 certificates installed, which will it present to ISE via the windows supplicant? If ISE has a SHA2 certificate, can it still accept a SHA1 and will the client see any prompt?
Just getting ready to run this thru the lab - was wondering if anyone has been this path yet...
