Now, we have finished the theory part of this chapter and are moving on to the deployment part. In this section, I am going to demonstrate how we can set up a PKI using the two-tier model. I have used this model as it is the most commonly user model for mid and large organizations:
The preceding diagram explains the setup I am going to do. In there I have one domain controller, one stand-alone root CA, and one issuing CA. All are running with Windows Server 2016 with the latest patch level.