You need to ensure that CA2 can issue certificates for …

You plan to deploy a certification authority (CA) infrastructure that contains the following servers:
– An offline standalone root CA named CA1
– An enterprise subordinate CA named CA2
On all of the computers, you import the root CA certificate from CA1 to the Trusted Root Certification Authorities Certificates store.
You need to ensure that CA2 can issue certificates for the CA hierarchy.
What should you do? To answer, select the appropriate options in the answer area.
Hot Area:

You plan to deploy a certification authority (CA) infrastructure that contains the following servers:
– An offline standalone root CA named CA1
– An enterprise subordinate CA named CA2
On all of the computers, you import the root CA certificate from CA1 to the Trusted Root Certification Authorities Certificates store.
You need to ensure that CA2 can issue certificates for the CA hierarchy.
What should you do? To answer, select the appropriate options in the answer area.
Hot Area:

Answer:

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *

Marvin

Marvin

1. When deploying a two-tier CA hierarchy with an offline root CA, it is very important that you configure CDP (CRL Distribution Point) and AIA locations before taking the root CA (CA1) offline.
2. Subordinate certificate request should be created by subordinate CA (CA2) in this context.
3. The above-mentioned subordinate certificate is certainly issued by root CA (CA1).
4. The issued certificate is installed on subordinate CA (CA2) so that it can issue certificate for the CA hierarchy.

Reply