Junos Space SDK > Developer Guides > Junos Space Application Developer Guide > Programming with the Junos Space SDK > Using the Junos Space SDK Plug-in > Packaging Applications for Production Junos Space

Managing Certificates

A submenu item, Manage Certificates, is provided to manage a certificate. You access this item by clicking File > Junos Space > Manage Certificates. The Manage Certificates menu item allows you to do the following:

The types of certificates that can be issued and their hierarchical relationships to each other are shown in the following figure:


To manage a certificate, do the following:

  1. Start the Eclipse IDE.

  2. On the toolbar menu, click the Manage Certificate button, or select Junos Space > Manage Certificates from the Eclipse menu bar.

    The details shown at the Manage Certificates window depend on whether a certificate has been already imported or not.

    If the certificate is already imported, the following screen is displayed with details about the imported certificate:



    Field Names Description
    Certificate Request Type Can be either a company certificate, a department/BU certificate, or an individual certificate.
    Vendor ID A unique ID assigned to a Juniper Networks vendor/company. This ID is issued when the company certificate is signed.
    Common Name May be a user name or a company vendor ID, depending on the certificate type.
    Certificate Issue Date The date on which the certificate is issued.
    Certificate Expiry Date The last valid date of the certificate.
    Organization Information Details such as company name, department, and email of an organization.
    Organization's Address Information Details such as country and state or province and city of an organization.
  3. Click the Create Certificate Signing Request button to create a certificate signing request or the Import Certificate button to import a certificate.

    If there is no certificate in place, the following screen is displayed with the message No Certificate Imported:


  4. Either click the Create Certificate Signing Request button to create a certificate signing request or the Import Certificate button to import a certificate.

Creating a Certificate Signing Request

You can create and send a certificate signing request at the Manage Certificates window by using the Create Certificate Signing Request button. The following screen is displayed:



  1. Select the type of certificate you are requesting:

    • By default, the Company Certificate option is selected, and a certificate administrator email is sent to sdk-cert@juniper.net. The certificate administrator email field is read-only.

      Note: The Company Certificate option is disabled for Juniper Networks users.

    • If you select a Department/BU Certificate or an Individual Certificate request type, the certificate administrator email field will be blank and editable. Enter the certificate administrator's email ID.

  2. The Company and Department fields are set with the values that were provided when Junos Space SDK was installed. The Company field is read-only.
  3. Click on the button adjacent to the To save generated keys field to select the directory in which to save the certificate request and private key, and eventually the imported certificate.
  4. Click the Next button. The next screen in the Create Certificate Signing Request wizard depends on what certificate request type you selected:

Creating a Company Certificates

  1. Select the certificate request type as Company Certificate. Enter the required details in the above screen and click Next. The following screen is displayed.


  2. Click Update to update the Vendor ID.

  3. Enter the Internet email alias.

  4. Click Next. The following screen is displayed:


  5. Click Finish to email the Certificate Signing Request.

Creating Individual Certificates

  1. Select the certificate request type as Individual Certificate. Enter the required details in the above screen and click Next. The following screen is displayed:


  2. Enter the appropriate information in the First Name, Last Name, and User's Email fields.
  3. Click Next. A confirmation page is displayed where you can verify the data entered in the previous screens.
  4. Click Finish to email the Certificate Signing Request.

Creating Department/BU Certificates

  1. Select the certificate request type as Department/BU Certificate. Enter the required details in the screen shown above and click Next. The following screen is displayed:


  2.  
  3. Enter the Local Alias email.
  4. Click Next. A confirmation page is displayed where you can verify the data entered in the previous screens.
  5. Click Finish to email the Certificate Signing Request.

Emailing the Certificate Request

If the certificate creation is successful, the following confirmation screen is displayed. The private_key.pem and cert_request.pem files are created.


Click OK. The email client configured on the user system displays a new email. Using this email, the cert_request.pem file can be sent to the person named above at Juniper Networks, Inc. The email has a predefined template that contains information about the certificate request, and it includes the cert_request.pem file as an attachment.

Note: If the cert_request.pem file is not attached to the email, then you must attach it manually.

Note: Because the Internal Alias Email ID is set to ca@juniper.net, Juniper Networks users need not enter this information.

For all certificate request types, if you are creating a certificate request for the second time, then all the fields are displayed with information from the previous certificate request.

Importing a Certificate

  1. Click the Import Certificate button on the Manage Certificates window.

     

    The Vendor ID is set to the value that was specified when installing the Junos Space SDK.

  2. Choose locations into which to save the certificate, the private key, and the imported certificate.
  3. Click Finish to save the signed certificate and private key to the chosen locations. You can view the imported certificate information in the Manage Certificates screen after the certificate is successfully imported.

The following validations are performed when importing a certificate: