What should you run on Server1?

Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active
Directory Certificate Services server role installed and is configured as a standalone certification authority (CA).
You install a second server named Server2. You install the Online Responder role service on Server2.
You need to ensure that Server1 can issue an Online Certificate Status Protocol (OCSP) Response Signing
certificate to Server2.
What should you run on Server1?

Your network contains a server named Server1 that runs Windows Server 2012 R2. Server1 has the Active
Directory Certificate Services server role installed and is configured as a standalone certification authority (CA).
You install a second server named Server2. You install the Online Responder role service on Server2.
You need to ensure that Server1 can issue an Online Certificate Status Protocol (OCSP) Response Signing
certificate to Server2.
What should you run on Server1?

A.
The certreq.exe command and specify the -policy parameter

B.
The certutil.exe command and specify the -getkey parameter

C.
The certutil.exe command and specify the -setreg parameter

D.
The certreq.exe command and specify the -retrieve parameter

← Previous question

Next question →

Leave a Reply 1

fiber

Correct, i needed to confirm the right answer:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc732526(v=ws.11)

To prepare a computer running Windows Server 2003 to issue OCSP Response Signing certificates
On the server hosting the CA, open a command prompt, and type:

certutil -v -setreg policy\EnableRequestExtensionList +1.3.6.1.5.5.7.48.1.5

Reply