PdfPrep.com

Which certificate type and DNS entry should you use?

HOTSPOT

You need to configure the single sign-on environment for Contoso.

Which certificate type and DNS entry should you use? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Answer:

Explanation:

The token-signing certificate must contain a private key that chains to a trusted root in the FS. AD FS creates a self-signed certificate by default.

It is recommend that the self-signed token-signing certificate generated by AD FS is used.

Microsoft best practices recommends that you use the host name, STS (secure token service). ie. sts.domain.com.

Explanation:

https://www.digicert.com/csr-creation-microsoft-office-365.htm

https://support.office.com/en-us/article/Plan-for-third-party-SSL-certificates-for-Office-365-b48cdf63-07e0-4cda-8c12-4871590f59ce?ui=en-US&rs=en-US&ad=US

Exit mobile version