Hi community. I am configuring ClearPass as my Radius server and Windows Server 2016 as my Root CA, it is mandatory that the "Role" Certificate Authority is installed on the DS Domain Server ?. Or it is possible to have on a server the Role of CA to issue the Radius certificates for the supplicant 802.1X clients and on another server the other Roles or services (AD, DNS, etc). I hope you can support me as my client feels unsure about installing Role CA on the Domain server in case some service came to affect, which should not happen. Beforehand thank you very much. Greetings.