What is one guideline for continuing to obtain a certificate?

You are using OpenSSL to obtain a certificate signed by a Certification Authority (CA).

You have entered this command:

openssl req -new -out file1.pem -newkey rsa:3072 -keyout file2.pem

Enter PEM pass phrase: **********

Verifying – Enter PEM pass phrase: **********

Country Name (2 letter code) [AU]:US

State or Province Name (full name) [Some-State]: California

Locality Name (eg, city) []: Sunnyvale

Organization Name (eg, company) [Internet Widgits Pty Ltd]: example.com

Organizational Unit Name (eg, section) []: Infrastructure

Common Name (e.g. server FQDN or YOUR name) []: radius.example.com

What is one guideline for continuing to obtain a certificate?

A. You should use a third-party tool to encrypt file2.pem before sending it and file1.pem to the CA.

B. You should concatenate file1.pem and file2.pem into a single file, and submit that to the desired CA to sign.

C. You should submit file1.pem, but not file2.pem, to the desired CA to sign.

D. You should submit file2.pem, but not file1.pem, to the desired CA to sign.

View Answer

Answer: C

Explanation:

When using OpenSSL to obtain a certificate signed by a Certification Authority (CA), you should submit the Certificate Signing Request (CSR) file, which is file1.pem, to the CA. The CSR contains the information about the entity requesting the certificate and the public key, but not the private key, which is in file2.pem. The CA uses the information in the CSR to create and sign the certificate.