CompTIA CASP+ (CAS-004) — Question 100

An administrator at a software development company would like to protect the integrity of the company's applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however, is working properly on the website, is valid, and is issued by a trusted CA. Which of the following is MOST likely the cause of the signature failing?

Answer options

• A. The NTP server is set incorrectly for the developers.
• B. The CA has included the certificate in its CRL.
• C. The certificate is set for the wrong key usage.
• D. Each application is missing a SAN or wildcard entry on the certificate.

Correct answer: C

Explanation

The most likely reason for the signature failures is that the certificate is set for the wrong key usage, which prevents it from being used for signing applications. The other options, while possible issues, do not directly impact the ability to sign the applications with the provided key pair.