To start installing and configuring SD-WAN controllers, the first step is to prepare a SD-WAN certificate authority server, since certificate is the main authentication method between controllers and also SD-WAN routers. all components of the SD-WAN architecture receive their own certificate from the certificate authority. this is what we will do in this section.
I have already prepared a Windows Server 2012 with installed Active Directory, in which I will install a certification authority and prepare a template for the SD-WAN architecture.
After installation, we receive a message to configure certificate service in Active Directory.
This step requires an account member of IIS_USERS group. So I will add administrator user as a member of IIS_USERS group before continuing.
now that administrator is a member of IIS_USERS group, we can choose administrator account in the installation process
Now I want to prepare a certificate template for SD-WAN infrastructure. The application of certificate should include both client authentication and server authentication.
now we check to see if new template is into the list.