To study for VMware HCI Master Specialist Exam | vSAN认证考试题目学习
94. Which certificate file is needed to establish a Standard Key Provider trusted connection between vCenter and its Key Management Server(KMS) ?
- A.vCenter Server Root CA Certificate
- B.vCenter Server Root CA Private Key
- C.vCenter Server Certificate Signing Request
- D.vCenter Server Certificate
Explaination:
To establish a Standard Key Provider trusted connection between vCenter and its Key Management Server (KMS), you typically need:
A. vCenter Server Root CA Certificate
The reason is that when setting up a trusted connection between vCenter and a KMS, vCenter needs to trust the KMS, and the KMS needs to trust vCenter. This trust is often established through the exchange of certificates. The vCenter Server Root Certificate Authority (CA) certificate is used to validate the identity of vCenter to the KMS. By importing the vCenter Server Root CA Certificate into the KMS, the KMS can verify the authenticity of the connection requests from vCenter, establishing a trust relationship.
94. 为了在vCenter和其密钥管理服务器(KMS)之间建立标准密钥提供商的可信连接,需要哪个证书文件?
- A. vCenter服务器根CA证书
- B. vCenter服务器根CA私钥
- C. vCenter服务器证书签名请求
- D. vCenter服务器证书
解释:
要在vCenter和其密钥管理服务器(KMS)之间建立标准密钥提供商的可信连接,通常需要:
A. vCenter服务器根CA证书
原因是在vCenter和KMS之间建立可信连接时,vCenter需要信任KMS,KMS也需要信任vCenter。这种信任通常通过证书的交换来建立。vCenter服务器根证书授权(CA)证书用于验证vCenter对KMS的身份。通过将vCenter服务器根CA证书导入到KMS,KMS可以验证来自vCenter的连接请求的真实性,从而建立信任关系。
