LPIC-2 Exam 202 (Linux Engineer) — Question 42

In response to a certificate signing request, a certification authority sent a web server certificate along with the certificate of an intermediate certification authority that signed the web server certificate.
What should be done with the intermediate certificate in order to use the web server certificate with Apache HTTPD?

Answer options

• A. The intermediate certificate should be merged with the web server's certificate into one file that is specified in SSLCertificateFile
• B. The intermediate certificate should be used to verify the certificate before its deployment on the web server and can be deleted
• C. The intermediate certificate should be stored in its own file which is referenced in SSLCaCertificateFile
• D. The intermediate certificate should be improved into the certificate store of the web browser used to test the correct operation of the web server
• E. The intermediate certificate should be archived and resent to the certification authority in order to request a renewal of the certificate

Correct answer: A

Explanation

The correct answer is A because Apache HTTPD requires the web server certificate and its intermediate certificate to be combined into a single file specified in SSLCertificateFile for proper chain of trust. Options B, C, D, and E misrepresent how to handle the intermediate certificate, as they do not fulfill the necessary configuration for Apache to recognize the certificate chain.