300-810 · Question #231
Refer to the exhibit. A collaboration engineer is responding to user reports of certificate error messages when they attempt to log in to Cisco Jabber for Windows. The users are connected to the corpo
The correct answer is B. Trusted Root Certification Authorities store. When server certificates are signed by a private (internal) Certificate Authority, Windows clients will not trust those certificates by default because the private CA is not included in the OS trust store. To resolve certificate errors on Windows machines, the private CA's root c
Question
Refer to the exhibit. A collaboration engineer is responding to user reports of certificate error messages when they attempt to log in to Cisco Jabber for Windows. The users are connected to the corporate LAN. The server certificates have been signed by the enterprise's private CA. Where must the engineer import the CA root certificate to resolve the issue?
Exhibit
Options
- AIntermediate Certification Authorities store
- BTrusted Root Certification Authorities store
- CPersonal Certification store
- DTrusted Publishers Certification store
How the community answered
(23 responses)- B91% (21)
- C4% (1)
- D4% (1)
Explanation
When server certificates are signed by a private (internal) Certificate Authority, Windows clients will not trust those certificates by default because the private CA is not included in the OS trust store. To resolve certificate errors on Windows machines, the private CA's root certificate must be imported into the 'Trusted Root Certification Authorities' certificate store. This tells Windows to trust all certificates issued by that CA, which resolves Jabber's SSL/TLS handshake errors. Importing into the 'Personal' store only applies to your own identity certificates; the 'Intermediate Certification Authorities' store is for intermediate CAs (not root CAs); and the 'Trusted Publishers' store is for Authenticode software publishers - none of these resolve server certificate validation failures.
Topics
Community Discussion
No community discussion yet for this question.
