Hi,
we're facing the following scenario... We've got several controllers which use an internal root certificate for staff 802.1x authentication (reason we're doing this is because they do not always have outgoing network connection, as in 'it's a ship').
We now have to migrate our pki infrastructure to sha2, which means a new root certificate
As far as i found, it's only possible to define one root certificate per ssid? Am i correct here? Which means it's a big-bang migration per controller. When the root certificate is changed, the endpoint must get a new certificate.