hoping someone can help. I am currently deploying Cisco Identity Services Engine. I plan to use this for dot1x authentication for both my wired and wireless clients. I also would like to use the Guest Wireless, profiling and posturing.
Now in ideal world scenarios I would use an Internal CA like ADCS however we do not have control of our AD Domain as we are in a tenanted domain.
I would prefer to have a public CA anyway so that more devices will support and recognise the signing authority on the certificate, especially Apple devices.
I would like to obtain a certificate that i can import into the CA service built into ISE. We do not have a public facing website so I would not be able to use CERTBOT. Is it possible to obtain this just by proving I have control over our domain?
Thanks in Advance,