Hello
Can someone please help me with the following question
If I have a Windows 2003 R2 Enterprise Root CA on the AD Domain can I also Add a separate Windows 2012 R2 Enterprise Root CA to the same domain.
We do not use Autoenrollment on the existing 2003 R2 CA.
Network guys want to introduce a Cisco BYOD (Bring Your Own Devise) solution using Cisco ISE (Identity Services Engine) which uses SCEP/NDES and therefore need certificates from CA. The thing is the ISE recommend 2008 AD CS as a minimum
Therefore I wonder if Installing a 2012 R2 Root CA that only provides certificates via the NDES/ISE solution would be a possibility.
I understand the Root CA Cert is held in a container under the 'Configuration' partition in Active Directory. Therefore can you have Two Root CA certs in the AD container at the same time for the same AD Domain/Forest?
The idea would then be to migrate other services to the new CA and phase out the old 2003 R2 CA over time.
Thanks All
AAnotherUser__
AAnotherUser__