Hi,Replacing a self-signed certificate (hope the cert is not signed by internal PKI, since you have mentioned "self assigned CA") with public CA would not cause any issue, except the clients prompting to accept the new cert after import.And to answer your question about, different certs for different networks. It is possible, you can import the Radius/new cert as a service cert in ClearPass and map it to the authentication service directly. In fact, you can import the Public CA signed cert as a service cert and test it on the EAP-TLS service, and then replace the self-signed cert with the same cert globally.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.