Home » Microsoft » 70-342 » Which two stores should you add the root CA certificate?
You deploy a new certificate to a Client Access server.
You test the new certificate by using Outlook Anywhere from the Internet.
The test generates certificate errors.
You need to prevent the errors from reoccurring.
To which two stores should you add the root CA certificate? (Each correct answer presents part of the solution. Choose two.)
A. the personal store on the client computers
B. the personal store on the Client Access server
C. the personal store on the Mailbox servers
D. the Trusted Root Certification Authorities store on the client computers
E. the Trusted Root Certification Authorities store on the Client Access server
F. the Trusted Root Certification Authorities store on the Mailbox servers
Correct Answer: DE
Explanation/Reference:
Explanation:
D: Outlook Anywhere won’t work with a self-signed certificate on the Client Access server. Self- signed certificates must be manually copied to the trusted root certificate store on the client computer or mobile device. When a client connects to a server over SSL and the server presents a self-signed certificate, the client will be prompted to verify that the certificate was issued by a trusted authority. The client must explicitly trust the issuing authority. If the client confirms the trust, then SSL communications can continue.
E: If you are providing external access to Autodiscover by using Outlook Anywhere you must install a valid SSL certificate on the Client Access server.