Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us [email protected]
Menu

Unlimited Access

Get Unlimited Contributor Access to the all ExamTopics Exams!
Take advantage of PDF Files for 1000+ Exams along with community discussions and pass IT Certification Exams Easily.
Lpi Discussions

Exam 202-450 topic 1 question 39 discussion

Actual exam question from LPI's 202-450
Question #: 39
Topic #: 1
[All 202-450 Questions]

In response to a certificate signing request, a certification authority sent a web server certificate along with the certificate of an intermediate certification authority that signed the web server certificate.
What should be done with the intermediate certificate in order to use the web server certificate with Apache HTTPD?

  • A. The intermediate certificate should be merged with the web server's certificate into one file that is specified in SSLCertificateFile
  • B. The intermediate certificate should be used to verify the certificate before its deployment on the web server and can be deleted
  • C. The intermediate certificate should be stored in its own file which is referenced in SSLCaCertificateFile
  • D. The intermediate certificate should be improved into the certificate store of the web browser used to test the correct operation of the web server
  • E. The intermediate certificate should be archived and resent to the certification authority in order to request a renewal of the certificate
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by fluffyuranus at Jan. 5, 2021, 3:02 a.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
fluffyuranus
Highly Voted 3 years, 3 months ago
You don't merge 2 certificates - they have a cryptographic hash! C is the correct answer https://techjourney.net/install-intermediate-ca-certificate-chain-cert-in-apache-httpd-server/
upvoted 6 times
...
Tomba
Most Recent 4 months, 4 weeks ago
SSLCaCertificateFile is for CLIENT certs, not SERVER certs, so A is correct
upvoted 1 times
...
MaikyCR28
7 months, 3 weeks ago
Correct answer: A Ref: LPIC-2 book (https://lpic2book.github.io/src/)
upvoted 2 times
...
cookieb
1 year, 6 months ago
First of all I want to reference this: https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=modern&openssl=1.1.1k&guideline=5.6 Which states: SSLCertificateFile /path/to/signed_cert_and_intermediate_certs Which is basically "A". Merging in this context means concating, first the Webserver Cert then the Signer Cert If you request a letsencrypt certificate you will get a fullchain.pem file containing all Certificates. So in my eyes, it's definitely A
upvoted 3 times
...
EMordenti
2 years ago
I think that "A" There can be many layers of CAs, the top one is called "Root CA" and the rest is called "Intermediate CA". The CAs are chained in descending order and are called "SSL certificate chain". In the Apache configuration file, 'SSLCertificateKeyFile' is used to specify the location of the key file and 'SSLCertificateFile' is used to specify the location of the Cert (server certificate) file. SSLCertificateFile' is used to specify the location of the Cert file and 'SSLCertificateChainFile' is used to specify the location of the SSL certificate chain file. Now, as for 'SSLCACertificateFile', it can also be used to specify the 'SSL Certificate Chain' file, but it must be used in a non-public CA (used to issue self-signed SSL certificates). However, the question is not very clear, so option "C" could be the correct answer.
upvoted 1 times
...
fluffyuranus
2 years, 1 month ago
Selected Answer: C
My argument is over the use of the word MERGE - combining two things into one. You can't combine two certificates into one certificate. You can ADD both certificates to the SSLCertificateFile, but the answer doesn't say that. I could be being pedantic, but I don't think so.
upvoted 1 times
...
Armina
2 years, 2 months ago
Selected Answer: A
A is correct! According to Redhat, the intermediate certificate can be appended to server certificate . Ref.: https://access.redhat.com/solutions/43575
upvoted 2 times
...
gndrx78
3 years ago
Certificates can be "merged" accordingly to this URL: https://www.thesslstore.com/knowledgebase/ssl-support/combining-multiple-intermediate-certificates/
upvoted 3 times
ldlpi
2 years, 4 months ago
Yes, or this other: https://access.redhat.com/solutions/43575 Where SSLCertificateChainFile is deprectated by SSLCertificateFile https://httpd.apache.org/docs/2.4/mod/mod_ssl.html#sslcertificatechainfile Therefore A could be correct, the problem is that C too...
upvoted 2 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel