Executing the Certificate Request Script
In order to develop and distribute JET applications, you must install a package signing certificate onto the virtual machine (VM). You do this by executing the certificate request script. This script assists you in creating a signing key and a certificate request for use with JET.
Never send your signing key to anyone, including Juniper Networks. The key enables anyone to sign applications that your router will trust. Therefore, it should be treated with the same level of security as the root password for the routers. Once you obtain your signing key, save it in a file outside of the VM.
Before you can run the certificate request script, you must
have the provider prefix, which is a uniquely identifying prefix that
represents the name of your organization. This prefix should have
been provided to a contact at your organization. If you do not know
this prefix, request it before running the
jet-certificate-request command. Contact JET Certificate Processing at
Information the script asks for includes the following data:
City, state, and country
Your organization and unit
Obtain from JET Certificate Processing at
This is an additional specification of your choosing. It could be a string specifying the development team or project name. The user string can consist of a lowercase letter followed by one or more lowercase letters or numbers.
This the string assigned by Juniper to differentiate multiple certificates for the same partner. Leave empty if none was assigned to you.
This number is known as a certificate generations number. It will be 1 for your initial certificate. When a certificate expires and a new one is requested, this number will be incremented.
We recommend against using a personal e-mail address for the certificate contact.
To create a signed application, request certificates and copy them as explained in the following procedure. This procedure is optional if you want to create an unsigned application.
To create a certificate request manually:
- In a VM terminal, issue the
The script leads you through a series of questions.
- Answer the questions, and press Enter after each answer.
A certificate name is synthesized from this information. The certificate name appears as the stem of the filenames for two files the script creates in the
- Save the
filename_key.pemfile outside the VM.
Ensure that no one outside of your development organization has access to it. Do not send this file to Juniper Networks.
- Send the
filename_req.pemfile to JET Certificate Processing at
JET Certificate Processing immediately sends your certificate to you.
To copy your certificate:
- Copy the certificate file to the