Examice

Exam 1Y0-204 All QuestionsBrowse all questions from this exam

Go to Exam

Question 72

Scenario: A Citrix Administrator created an SSL virtual server using only the following commands:

The SSL virtual server is currently in a DOWN state.

What could be the reason the SSL virtual server is in a down state?

The SSL services are NOT on the 10.102.29.X network.

SSLv3 is disabled.

The virtual server SSL port is NOT set to port 443.

The SSL Certificate is NOT bound to the virtual server.

Correct Answer: D

The SSL virtual server is in a DOWN state because an SSL virtual server requires an SSL certificate to be bound to it to function correctly. Without this certificate, the server cannot establish secure connections and will remain in a DOWN state. The SSL port number does not necessarily need to be port 443; it can be set to any port as specified by the administrator. Additionally, the disabled SSLv3 setting does not affect the server's ability to come UP. Therefore, the reason for the DOWN state is the lack of an SSL certificate bound to the virtual server.

Discussion

b233f0aOption: C

There is a misleading typo on the "add lb vserver sslserver SSL 10.102.29.133.444". If there were a ; before 444 then this would bind to port 444. But there is a dot, so the vserver is being created with an invalid IP address which would result in the vserver failing to be created, so everything else fails as a result. Therefore C is the correct answer in my opinion.

examencitrixOption: D

D. The SSL Certificate is NOT bound to the virtual server. the configuration provided in the scenario is missing a critical step: binding an SSL certificate

mhmtOption: C

should be C

ayushwithu

No. By default it use port 443 when you choose SSL.

melv_mad

In Line 1 the SSL is bound to Port 444. So C should be correct.

Ar4

But anyway even if in Line 1 i will be 443, Vserver will be down because it must have a certificate bind.

OllyThompson

Answer is D - front end and back end ports can be different for a normal SSL vServer and services, but it always needs a certificate bind to show as UP

Opurt666

No, it’s D. An SSL vServer can be configured to listen on any port, but will never show as UP if there’s no certificate bound. Port 443 is just the default for SSL, not a requirement.