Hi,
In a large distributed ISE deployment with dual PAN & MNTs running ISE 2.0 and two pxGrid nodes to be added, can one pxGrid certificate (CA signed) be shared across both pxGrid nodes for pxGrid usage (i.e. multi SAN certificate)? And does the shared certificate need to also include the PANs and MNTs in the SAN field as they also need to import the certificate according to How To: Configuring pxGrid in an ISE Distributed Environment ? The intention is to have one shared certificate per ISE 'usage' type...
Please note: Wildcard certificates are in use so adding pxGrid usage to the admin certificate mentioned in following guide is not an option Deploying Certificates with Cisco pxGrid - Using an external Certificate Authority (CA) with updates to Cisco ISE 2.0/2.…
Thanks,
Denis
