VMware Certified Professional - Data Center Virtualization (VCP-DCV) Practice Exam

Which keystore would a vSphere Replication administrator use to manually add an additional Certificate Authority certificate?

• A. hms-truststore.jks
• B. hms-keystore.jks
• C. certificates.ks
• D. cacerts.ks

The correct answer is: hms-truststore.jks

The correct answer is that the vSphere Replication administrator would use the hms-truststore.jks to manually add an additional Certificate Authority certificate. The hms-truststore.jks serves as a trust store that contains trusted certificates and is specifically designed to verify the authenticity of certificates presented by servers or clients within the vSphere environment. This trust store is crucial for establishing secure communication between components, as it allows the system to recognize and trust the certificates issued by Certificate Authorities (CA). When you need to add a new CA certificate to ensure secure communications between different components of your virtual data center, such as between vSphere Replication and other services, you would place that certificate into the hms-truststore.jks. This ensures that the new certificate is recognized and trusted throughout the environment. Other choices, such as hms-keystore.jks and certificates.ks, are not intended for storing trusted CA certificates. The hms-keystore.jks typically holds private keys and public certificates for the services themselves rather than CA certificates. Similarly, certificates.ks may serve a specific function but does not correspond to the storage of CA certificates in the context of vSphere Replication specifically. The cacerts.ks might suggest a different context of trust management but