Need to increase the keysize of a root certificate which will require to delete and recreate it.

Do the client certificates signed by the root also need to be recreated?

Release : 16.0

When deleting the root and recreating to get a new keysize a totally different root certificate is being created.

Since it will be a totally new root, the old client certs can no longer be used, because the certificate chain is broken.

All certificates signed by the old root will need to be recreated and signed with the new root.

The new certificates will need to be added to  keystores and SAF keyrings that were using the old certificates.