VMware vRealize Automation (VCP-CMA 2019) — Question 28

An administrator is troubleshooting the Per-App VPN function in the VMware Tunnel and runs the following command: openssl s_client ""showcerts ""connect <TunnelHostname>:8443.
They notice that the response is the certificate from their firewall and not the certificate from the Tunnel server.
What remediation step should be taken?

Answer options

• A. The VMware Tunnel should be re-configured to use the certificate from the firewall
• B. The VMware Tunnel SSL traffic needs to pass through the firewall unmodified
• C. The VMware Tunnel should be re-configured to trust the certificate from the firewall
• D. The VMware Tunnel Certificate should be exported from the console and uploaded to the firewall

Correct answer: C

Explanation

The correct answer is C because the VMware Tunnel needs to trust the firewall's certificate to establish a secure connection. Options A and D do not address the need for trust between the two entities, while option B does not resolve the certificate issue that is causing the misidentification.