Citrix ADC 13 Advanced Topics – Security, Management and Optimization — Question 42

A Citrix Administrator needs to confirm that all client certificates presented to the authentication vServer are valid until the year 2023.
Which expression can the administrator use to meet this requirement?

Answer options

• A. CLIENT.SSL.CLIENT_CERT.VALID_NOT_AFTER.EQ(GMT2023)
• B. CLIENT.SSL.CLIENT_CERT.VALID_NOT_BEFORE.EQ(GMT2023)
• C. CLIENT.SSL.ORIGIN_SERVER_CERT.VALID_NOT_AFTER.EQ(GMT2023)
• D. CLIENT.SSL.CLIENT_CERT.DAYS_TO_EXPIRE.EQ(2023)

Correct answer: A

Explanation

Option A is correct because it checks if the client certificate's validity period ends after the specified GMT2023 date, ensuring it remains valid until then. Option B is incorrect as it checks the start of the certificate's validity rather than the end. Option C refers to the origin server certificate, not the client certificate, making it irrelevant. Option D checks the number of days until expiration, which does not directly confirm validity until 2023.