Implementing Cisco Collaboration Cloud and Edge Infrastructure (CLCEI) — Question 130

An engineer attempts to upload a server certificate to an Expressway-C server but receives an error when they click the upload button that says that the file is invalid. The engineer is advised that this happens because the certificate was signed incorrectly and is missing an attribute. What must the engineer do to upload the certificate?

Answer options

• A. Create a certificate request via Certificate Services Web Page and ensure that the certificate validity period is five years because the Expressway server validates this during certificate import.
• B. Create a certificate request via the Certificate Services Web Page and ensure that the Subject Common Name field contains the server FQDN and all Cisco Unified CM phone security profile names.
• C. Create a new certificate template with "Server authentication” and "Client authentication" enabled and use this template when signing the Expressway server certificate.
• D. Create a new certificate template with the certificate attribute "Allow private key to be exported" enabled and use this template when signing the Expressway server certificate.

Correct answer: C

Explanation

The correct answer is C because creating a new certificate template with 'Server authentication' and 'Client authentication' enabled ensures that the necessary attributes are included for the Expressway server certificate. Options A and B do not address the signing attributes needed, while option D focuses on key export rather than authentication, which is not the root cause of the certificate upload issue.