Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Installing a Custom SSL Certificate on the Junos Space Server

 

By default, Junos Space Network Management Platform uses a self-signed SSL certificate. However, Junos Space Network Management Platform provides an option to associate your own custom SSL certificate with the Junos Space server.

You install a custom SSL certificate to use X.509 certificate–based authentication mode. You can upload a certificate in X.509, PKCS#1, or PKCS # 12 format. If you upload the certificate in the PKCS#1 or PKCS#12 format, Junos Space Network Management Platform converts the certificate into two files (public certificate and decrypted private key) in the Privacy-Enhanced Mail (PEM) format.

Caution

When the authentication mode is changed, all existing user sessions, except that of the current administrator who is changing the authentication mode, are automatically terminated and the users are forced to log out.

The topics in this section describe how to associate your own custom SSL certificate with the Junos Space server.

Installing an X.509 Junos Space Server Certificate

You install an X.509 certificate file on the Junos Space server to enable X.509 certificate–based authentication. Before you upload and install the certificate, ensure that both the certificate and the key are available on your local computer.

To install an X.509 certificate file:

  1. Select Network Management Platform > Administration > Platform Certificate.

    The Platform Certificate page appears.

  2. From the Upload Certificate area, select the X.509 Certificate & Private Key option button to upload the certificate files in the Distinguished Encoding Rules (DER) or Privacy-Enhanced Mail (PEM) format.

    By default, this option is selected.

    • DER format certificate files:

      • The supported extensions are: .der, .cer, and .crt.

      • They are stored in binary format.

    • PEM format certificate files:

      • The supported extensions are: .pem, .cer, and .crt.

      • They are stored in the Base64-encoded DER format.

  3. To navigate to select the X.509 certificate file from your local file system, click Browse adjacent to the Certificate field.
  4. To navigate to and select the private key file from your local file system, click Browse adjacent to the Private Key field.
  5. (Optional) Enter the passphrase in the Private Key Pass-phrase field.

    You must enter the passphrase if the private key is encrypted.

  6. Click Upload.

    Junos Space Platform displays a warning message asking for confirmation to replace the current certificate.

  7. You can either install the certificate or cancel the installation process.

    • To install the certificate, click Yes.

      Junos Space Platform performs internal validations to verify whether the uploaded files are valid. If any of the files is invalid, Junos Space Platform displays an error message.

      If the files are valid, then the upload is successful and Junos Space Platform starts using the new certificate. All existing sessions are terminated and the users are forced to log out.

    • To cancel the installation, click Cancel.

      Junos Space Platform continues to use the current certificate.

Installing a Junos Space Server Certificate in the PKCS #12 Format

Before you proceed, make sure that the PKCS #12 certificate is available on your local file system.

To upload a certificate in PKCS#12 format:

  1. Select Network Management Platform > Administration > Platform Certificate.

    The Platform Certificate page appears.

  2. From the Upload Certificate area, select the PKCS #12 Format Certificate option button to upload the PKCS#12 format certificate file.
  3. To navigate to and select the PKCS#12 format certificate file from your local file system, click Browse adjacent to the Certificate & Private Key field.
  4. (Optional) Enter the password in the Password field.
  5. Click Upload.

    Junos Space Platform displays a warning message asking for confirmation to replace the current certificate.

  6. You can either install the certificate or cancel the installation process.

    • To install the certificate, click Yes.

      Junos Space Platform performs internal validations to verify whether the uploaded files are valid. If any of the files is invalid, Junos Space Platform displays an error message.

      If the files are valid, then the upload is successful and Junos Space Platform starts using the new certificate. All existing sessions are terminated and the users are forced to log out.

    • To cancel the installation, click Cancel.

      Junos Space Platform continues to use the current certificate.

Reverting to the Default Junos Space Server SSL Certificate

You revert to the default certificate when your current certificate is about to expire.

To revert to the default certificate:

  1. Select Network Management Platform > Administration > Platform Certificate.

    The Platform Certificate page appears.

    The Current Platform Certificate area of the page displays the certificate that is currently being used by the Junos Space server. To gain an understanding about the attributes of the certificate, see Certificate Management Overview.

  2. To revert to the default SSL certificate, click Use Default Certificate.

    An information dialog box indicating that the default self-signed Juniper Networks certificate will be used is displayed.

  3. You can continue or cancel reverting to the default certificate.

    • To use the default certificate, click OK.

      Junos Space Platform uses the default certificate.

    • To cancel, click Cancel.

      Junos Space Platform uses the custom certificate.