You have a single Active Directory domain named contoso.com.You have two servers named Server1 and Server2 that run Windows Server 2003 Service Pack 2 (SP2).
Server1 is configured as a VPN server.Server2 is configured as an enterprise root certification authority (CA).Certificate autoenrollment is configured for all users and computers in the domain.
Server1 is configured to accept only VPN connections that authenticate by using Extensible Authentication Protocol-Transport Layer Security (EAP-TLS).
When users attempt to connect to Server1 from their home computers, their connections are refused. When users attempt to connect to Server1 from computers that are domain members, they can connect.
You need to ensure that users can establish VPN connections from their home computers.
Which two actions should you perform? (Each correct answer presents part of the solution.Choose two.)
A.
Issue user certificates to each user.
B.
Issue computer certificates to each home computer.
C.
Disable certificate revocation list (CRL) checking on Server1.
D.
Install a copy of contoso.com’s root CA certificate on each home computer.