FCP – FortiGate Administrator 7.4 — Question 10
Which three pieces of information does FortiGate use to identify the hostname of the SSL server when SSL certificate inspection is enabled? (Choose three.)
Answer options
- A. The host field in the HTTP header.
- B. The server name indication (SNI) extension in the client hello message.
- C. The subject alternative name (SAN) field in the server certificate.
- D. The subject field in the server certificate.
- E. The serial number in the server certificate.
Correct answer: B, C, D
Explanation
The correct answers, B, C, and D, are essential components for identifying the hostname during SSL inspection. The server name indication (SNI) provides the hostname, while the subject alternative name (SAN) and subject fields in the certificate provide additional identification. Option A is incorrect as the host field in the HTTP header is not used for SSL certificate identification, and option E is irrelevant since the serial number does not identify the hostname.