Your network contains an Active Directory domain named contoso.com. The domain
contains two servers named Server1 and Server2. Both servers have the Hyper-V server
role installed.
You plan to replicate virtual machines between Server1 and Server2. The replication will be
encrypted by using Secure Sockets Layer (SSL).
You need to request a certificate on Server1 to ensure that the virtual machine replication is
encrypted.
Which two intended purposes should the certificate for Server1 contain? (Each correct
answer presents part of the solution. Choose two.)
A.
Client Authentication
B.
Kernel Mode Code Signing
C.
Server Authentication
D.
IP Security end system
E.
KDC Authentication
Explanation:
Replica Server Certificate Requirements
To enable a server to receive replication traffic, the certificate in the replica server must meet
the following conditions
* Enhanced Key Usage must support both Client and Server authentication
Etc.
Reference: Hyper-V Replica – Prerequisites for certificate based deployments
https://technet.microsoft.com/en-us/library/jj134153.aspx#BKMK_1_5
The answer is correct, but the section referred to in the answer is wrong. You want to set the certificate on the primary server, not the replica server. In this scenario, Server 1 is the primary and Server 2 is the replica.
http://blogs.technet.com/b/virtualization/archive/2012/03/13/hyper-v-replica-certificate-requirements.aspx
client and server are correct
the encrypted replication of a vm requires the host servers to have installed a certificate including both client authentication and server authentication extensions for EKU (enhanced key usage) and hte fqdn of hte local server.