10 Jan
2016
10 Jan
'16
8:58 a.m.
From experience, ios manually configured clients - where users have been presented the previous cert and put in their user/pass ... ios records the fingerprint of the server cert.
So with a new server cert with same commonname / SAN and signed by the same CA , the user will be prompted about the new fingerprint . You don't get this with a client configured by a deployment tool. ..eg with mobileconfig profile alan