Hello Srinivasan
Using Guestshell on a Cisco IOS XE-based cEdge device can be a useful workaround for handling certificates during SD-WAN onboarding. If the automated process is not feasible or the cEdge cannot directly reach the CA, Guestshell allows you to generate certificate signing requests (CSRs), store certificates locally, and transfer them manually. However, since Guestshell does not act as a CA, certificates still need to be signed externally before installation. This approach provides flexibility in certificate management when direct CA access is unavailable.
Thanks for sharing your experience and your suggestions, it’s always helpful to the community!
Laz