Exam 1Y0-240 All QuestionsBrowse all questions from this exam
Go to Exam
Question 2

Scenario: A Citrix Administrator manages an environment that has three SSL websites, all serving the same content. www.company.com www.company.net www.company.org

The administrator would like to consolidate the website into a single, load-balanced SSL virtual server.

Which action can the administrator take to use a single SSL virtual server?

    Correct Answer: B

    The administrator can use a single SSL virtual server by binding a multiple Subject Alternative Name (SAN) certificate. This type of certificate can include multiple domain names and their variants, such as www.company.com, www.company.net, and www.company.org. This allows all three websites to be served over SSL from a single virtual server.

Discussion
RatheeshRavindranOption: A

Both A and B are correct. You can have 3 different certificate bind to same Virtual server or you can go for SNI option . More correct answer is A , because he is already has certificate with him

ImMaaxOption: B

Best practice would be a SAN, imo

StirlitzOption: B

B is right answer. https://knowledge.digicert.com/solution/SO9440.html

GTJOption: B

B. SAN should cover all three names and domain extensions. Wildcard can only cover domain names

CubahaxxorOption: B

A SAN with a CS vServer is the answer, as you have 3 different URL with .com/.org/.net. Wildcards are firstly not really recommended but aren't used for org indicators at the end of the URL. So a Wildcard just wont work... D is incorrect flatly due to its inability to be used. B works but, typically if we got 3 URLs resolving via to the same IP it is more ideal to use a CS vServer so we have granular control over the urls individually, a single SSL Offload vServer would make it where the 3 are bound together as a service so a change will always impact all 3 unlike a CS vServer connecting to non-addressable LBs. The question is flawed unfortunately and cannot be answered properly.

knoorOption: B

B is correct

HeraldoOption: A

A is correct https://support.citrix.com/article/CTX205283#:~:text=You%20can%20enable%20the%20SNI,certificates%20to%20the%20virtual%20server.

LevisOption: A

A is right answer

RatheeshRavindranOption: B

Both A and B are correct. You can have 3 different certificate bind to same Virtual server or you can go for SNI option

Geoff11Option: A

I believe the answer should be A, the websites already exist and likely the certs, it's just a single vServer that needs creating and therefore by enabling the SNI and ticking the box when binding the cert, multiple certs can be assigned to a single vServer; https://www.citrix.com/blogs/2015/09/10/citrix-netscaler-how-to-apply-multiple-certificates-to-one-virtual-server/

Geoff11

Same article, under 'Configure SNI Virtual Server, it does in fact refer to the use of wildcard. "A wildcard SSL Certificate helps enable SSL encryption on multiple subdomains if the domains are controlled by the same organization and share second-level domain name. For example, a wildcard certificate issued to a sports network using the common name “*.sports.net” can be used to secure domains, such as “login.sports.net” and “help.sports.net” but not “login.ftp.sports.net.”"

darcoOption: B

I think right one in use SAN. wildcard certificate apply on prefix. *.aa.com is ok www.aa.* not