An engineer needs to provision certificates on a Cisco Catalyst 9800 Series Wireless Controller. The customer uses a third-party CA server. Which protocol must be used between the controller and CA server to request and install certificates?
To provision certificates on a Cisco Catalyst 9800 Series Wireless Controller using a third-party CA (Certificate Authority) server, the SCEP (Simple Certificate Enrollment Protocol) must be used. SCEP is a protocol specifically designed for certificate enrollment and allows the controller to request and install certificates from the CA server.
A is the correct answer:
There are many ways to enroll your trustpoint and receive a certificate from the CA. Depending on the configuration, you can:
Enroll the Trustpoint automatically.
The Catalyst 9800 controller supports automatic certificate enrollment protocols like Simple Certificate Enrollment Protocol (SCEP) and Enrollment over Secure Tunnel (EST) to forward and receive certificate requests generated on the controller to the CA.
Enroll the Trustpoint manually.
The Catalyst 9800 controller supports manual enrollment that uses the PKCS#12 Certificate Signing Request (CSR) mechanism to issue certificates for the controller. Subsequent to the CSR request, the signed certificate for the controller, together with the CA root certificate, are uploaded to the controller. Note that it is also possible to use OpenSSL or any other utility to generate the keys and the CSR.
upvoted 3 times
...
This section is not available anymore. Please use the main Exam Page.300-430 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
rrahim
2 months, 1 week agoYod_Jjot
6 months, 4 weeks ago