Which of the following is MOST likely the cause of the signature failing?

An administrator at a software development company would like to protect the integrity Of the company’s applications with digital signatures. The developers report that the signing process keeps failing on all applications. The same key pair used for signing, however, is working properly on the website, is valid, and is issued by a trusted CA.

Which of the following is MOST likely the cause of the signature failing?

A. The NTP server is set incorrectly for the developers.

B. The CA has included the certificate in its CRL_

C. The certificate is set for the wrong key usage.

D. Each application is missing a SAN or wildcard entry on the certificate.

View Answer

Answer: C

Explanation:

Digital signatures require the use of a cryptographic key pair, which consists of a private key used to sign the application and a public key used to verify the signature. If the certificate used for signing the application is set for the wrong key usage, then the signature will fail. This can happen if the certificate is set for encrypting data instead of signing data, or if the certificate is set for the wrong algorithm, such as using an RSA key for an ECDSA signature.