Can a FreeRadius presenting a SHA1 certificate accept SHA2 client certificates and validate them against a CA that accepts SHA1 and SHA2 certificates?
Another option would be that the FreeRadius validates SHA1 signed certificates against one CA and SHA2 signed certificates against another CA. Is this possible?
I'm trying to migrate Android devices with SHA1 signed certificates to SHA2 without needing to synchronize the change of the certificates in the devices and the FreeRadius (with the risk to availability). In this architecture both client and FreeRadius authenticates themselves with digital certificates.
