ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-204 All Questions

View all questions & answers for the AZ-204 exam
Go to Exam

Exam AZ-204 topic 13 question 2 discussion

Actual exam question from Microsoft's AZ-204
Question #: 2
Topic #: 13
[All AZ-204 Questions]

DRAG DROP -
You need to correct the corporate website error.
Which four actions should you recommend be performed in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
by Alluru at March 20, 2021, 9:25 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Frakandel
Highly Voted 3 years, 8 months ago
Answer: • Generate a certificate • Upload the certificate to Azure key vault • Import the certificate to Azure App Service • Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting https://ankitvijay.net/2021/04/14/certificate-azure-app-service-linux/
upvoted 90 times
surprise0011
1 year, 9 months ago
received 2023-04-17 went with above answer, score 926
upvoted 10 times
...
...
SnakePlissken
Highly Voted 3 years, 8 months ago
1. Generate a certificate. 2. Upload the certificate to Azure Key Vault. 3. Import the certificate to Azure App Service. 4. Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting. Prerequisite: Scale up your App Service plan if your app is in a shared infrastructure tier. https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code#load-certificate-in-linuxwindows-containers
upvoted 28 times
...
raymond_abcd
Most Recent 1 year ago
See: https://learn.microsoft.com/en-us/azure/app-service/environment/overview-certificates#private-client-certificate Last box is: "Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting"
upvoted 1 times
...
acjdev514
1 year, 4 months ago
My vote: the answer provided is the correct one. https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code
upvoted 1 times
...
surprise0011
1 year, 10 months ago
correct https://learn.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code#when-updating-renewing-a-certificate
upvoted 1 times
...
st0rmtrooperx
2 years, 1 month ago
Got this on Dec 16th, 2022. Scored 921 and went with: • Generate a certificate • Upload the certificate to Azure key vault • Import the certificate to Azure App Service • Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting
upvoted 7 times
...
coffecold
2 years, 3 months ago
Answer of Frakadel OK. But otherwise : this is bad practice. Azure Key Vault with managed identity should be used for that purpose.
upvoted 3 times
...
gmishra88
2 years, 4 months ago
This is an essay question, but I will bet my time on : Generate Upload to keyvault Import to App service (from keyvault) Add to WEBSITE_LOAD_CERTIFICATES (Important so that it is available in /var/ssl/... or c:\appservies\..\secret path. The code seems to be using that)
upvoted 2 times
...
Sandeep12093
2 years, 7 months ago
Agree to brettusmaximus 1. Generate a certificate 2. Upload to key vault (mandatory security requirements) 3. Import the certificate to Azure App Service. For Linux container, it keeps the private certificates at the location /var/ssl/private and public certificates at /var/ssl/certs. 4. Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting. Refer configure-SSL-CERTIFICATE-IN-CODE
upvoted 1 times
...
lugospod
3 years ago
Got this one 01/2022. Went with most voted (to avoid writing answers again)
upvoted 6 times
...
asdasdasg2
3 years, 1 month ago
what a horrible question. Security.cs is not even valid C# and its usage is not even shown in the following snippet that contains the function.
upvoted 5 times
...
GreenPanda
3 years, 6 months ago
Does the ReadAllBytes method need to specify the file path instead of the directory?
upvoted 1 times
GreenPanda
3 years, 6 months ago
https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code#load-certificate-in-linuxwindows-containers
upvoted 1 times
...
lugospod
3 years, 1 month ago
yes I agree, but I think this is a typo...the same way the path has ~ in front...
upvoted 1 times
...
...
BrettusMaximus
3 years, 9 months ago
Ok - How does the cert get to be located at the URL (/var/ssl/private)? 1. Generate a certificate 2. Upload to key vault 3. Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting. 4. Add the certificate to Source Control (/var/ssl/private), So when the app deploys it gets there. It doesn't matter about nice error messages.
upvoted 1 times
BrettusMaximus
3 years, 9 months ago
OK I am slightly wrong here; as in https://ankitvijay.net/2021/04/14/certificate-azure-app-service-linux/ 1. Generate a certificate 2. Upload to key vault (mandatory security requirements) 3. Import the certificate to Azure App Service. For Linux container, it keeps the private certificates at the location /var/ssl/private and public certificates at /var/ssl/certs. 4. Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting. It doesn't matter about nice error messages.
upvoted 15 times
...
...
[Removed]
3 years, 9 months ago
General information * CryptographicException: The system cannot find the file specified * According to the path we are running a linux container (/var/ssl/private) * Question seems to have a typo (line SC03, ~ is not needed) Answer 1. Generate a certificate 2. Import the certificate to Azure App Service 3. Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting 4. Update line SC05 to include error handling ... Further reading: https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code#load-certificate-in-linuxwindows-containers
upvoted 2 times
lugospod
3 years, 1 month ago
Adding exception handling won't help you solve the problem...so not needed. You Must use key vault so you are missing that part as a second step.
upvoted 2 times
...
...
anastakasim
3 years, 10 months ago
So what is the correct answer to this?
upvoted 3 times
...
clarionprogrammer
3 years, 10 months ago
1. Generate a certificate 2. Import the certificate to Azure App Service. 3. Add the certificate thumbprint to the WEBSITE_LOAD_CERTIFICATES app setting. https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code#make-the-certificate-accessible 4. Update line SC05 of Security.cs to include error handling and then redeploy the code.
upvoted 4 times
SwatiN
3 years, 9 months ago
Certificates should be imported from azure key vault. its one of the requirement. so it would be : 1. Generate Cert 2. Upload to key vault 3. import from key vault. 4. Update config thumbprint value 5. Handle the error in the code gracefully https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate https://docs.microsoft.com/en-us/azure/app-service/configure-ssl-certificate-in-code#load-certificate-in-linuxwindows-containers
upvoted 2 times
lugospod
3 years, 1 month ago
The question is to select FOUR steps..you selected FIVE.
upvoted 2 times
...
...
...
jokergester
3 years, 10 months ago
I think it should be 1. Generate Cert 2. Upload to App Service 3. Update config thumbprint value 4. Handle the error in the code gracefully Uploading to Key Vault would offer a better security but another step(s) would be needed it is to add access policy for the App Service to use the Certificate
upvoted 2 times
lugospod
3 years, 1 month ago
There is a requirement that states that key vault MUST be used to store certificates.
upvoted 2 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel