You need to ensure that the encryption keys for e-mail certificates can be recovered from the CA database

Your network contains a single Active Directory domain. The domain contains an enterprise certification authority (CA).

You need to ensure that the encryption keys for e-mail certificates can be recovered from the CA database.

You modify the e-mail certificate template to support key archival.

What should you do next?

Your network contains a single Active Directory domain. The domain contains an enterprise certification authority (CA).

You need to ensure that the encryption keys for e-mail certificates can be recovered from the CA database.

You modify the e-mail certificate template to support key archival.

What should you do next?

A.
Issue the key recovery agent certificate template.

B.
Run certutil.exe -recoverkey.

C.
Run certreq.exe-policy.

D.
Modify the location of the Authority Information Access (AIA) distribution point.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *