Greetings all.
I am looking at having to install a new ca cert on our ldap server(s) and thus swapping out the client certs as well. This totals roughly 250 different machines.
I am wondering as to the easiest way to go about this. Is there some grace period that can be set to allow me to relax and get to all the clients over a week's time? Or possibly the ability to use two certs? Then just slowly remove the old ones from the clients?