Our Current Microsoft CA Server is going to expire. We would like to set up a new CA Server. Is it possible to have both CA Servers authenticating clients until the old CA Server is no longer valid? We will issue new certificates to clients from the new CA Server and we would like to phase out the old CA Server in the next week. Can multiple CA Servers be assigned to a trustpoint for the authentication of VPN Clients using the IPSec client?