We have about 100 PCs and they all authenticated with DC by 802.1X. All the PCs have certificate from our internal CA. We are changing the HASH algorithm from SHA1 to SHA256.
I want to push new certificates to all the PC and server with old issued template.
How do i push new cert to all devices same time?
The template is configure to auto-enroll via GPO. As i understand that renewal will only take place without my intervention.
Else computers will auto enroll cert when renewal period start
Else configure new template for auto enrollment but still applications can use old cert until it expires