option D is correct: "A server certificate and a root certificate authority are both used."Here's why:A server certificate is used to present to the client. This certificate is typically signed by the device performing the SSL proxy function. The client sees this certificate instead of the actual server's certificate. The server certificate used in the proxy must be trusted by the client, either directly or through a chain of trust, which involves a Root Certificate Authority (CA).A root certificate authority (CA) is used by the SSL proxy to sign the server certificate that it presents to the client. The Root CA must be trusted by the client for the client to establish a trusted SSL session. In many cases, the Root CA used by the SSL proxy is an internal CA whose root certificate has been distributed to and trusted by client devices within the organization.
You must configure either root-ca (forward proxy -"client profile") or server-certificate (reverse proxy) in an SSL proxy profile. Otherwise, the commit check fails.
source :
https://www.juniper.net/documentation/us/en/software/junos/logical-system-security/topics/topic-map/ssp-proxy-lsys.html
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
66dc178
5 months, 2 weeks agoGallileo9
10 months, 3 weeks ago65briang
1 year, 11 months agocuc_necunoscut
2 years, 4 months agoexamwow
2 years, 6 months agojoseph267
2 years, 9 months agoraiman
2 years, 10 months agosandhifaiz
3 years, 1 month agoHuyLe382
3 years, 4 months ago