VMware Cloud Director Specialist (2022) — Question 68

A VMware Cloud Foundation administrator has been tasked with replacing self-signed certificates with those signed by a third-party Certificate Authority. A security policy disallows the integration and use of Microsoft Active Directory Certificate Services and prefers an external provider.

Which two steps must be taken in order to configure these certificates? (Choose two.)

Answer options

• A. Generate Certificate Signing Requests from SDDC Manager.
• B. Ensure that the external provider has Administrator rights in vCenter.
• C. Create and package the certificates in a domain_name.tar.gz file.
• D. Use the sddcmanager-ssl-util.sh utility to list and delete existing certificates.
• E. Generate public-private key pairs using the external provider.

Correct answer: A, E

Explanation

Option A is correct because generating Certificate Signing Requests from SDDC Manager is essential for obtaining certificates from a third-party Certificate Authority. Option E is also correct as creating public-private key pairs is necessary for the certificate signing process. Options B, C, and D are not relevant steps for configuring third-party certificates in this context.