Your team needs to deploy a signed file for an internal web service using an existing private key (server.key) and signing request (server.csr). The file must remain valid for one year and use SHA-256. Which command generates a signed output using the private key itself rather than an outside issuer?
The -x509 option in the OpenSSL request tool causes it to output a signed file instead of a request, using the specified private key for signing. The -days flag sets the validity period and -sha256 chooses the hashing algorithm. The other options are incorrect because:
• One choice uses an external signer setup instead of self-signing. • Another generates just a new key without producing a signed file. • The last creates a new key and signing request, not a signed artifact.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the purpose of the -x509 option in OpenSSL commands?
Open an interactive chat with Bash
Why is SHA-256 chosen as the hashing algorithm?
Open an interactive chat with Bash
What is the role of server.key and server.csr in this process?