Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Generating SSL Certificates

    To enable secure Web access, you must first generate a digital SSL certificate, and then enable HTTPS access on the Juniper Networks device.

    To generate an SSL certificate:

    1. Enter the following openssl command in your Secure Shell command-line interface. The openssl command generates a self-signed SSL certificate in the Privacy-Enhanced Mail (PEM) format. It writes the certificate and an unencrypted 1024-bit RSA private key to the specified file.

      Note: Run this command on a LINUX or UNIX device because Juniper Networks Services Gateways do not support the openssl command.

      % openssl req –x509 –nodes –newkey rsa:1024 –keyout filename.pem -out filename.pem

      Replace filename with the name of a file in which you want the SSL certificate to be written—for example, new.pem.

    2. When prompted, type the appropriate information in the identification form. For example, type US for the country name.
    3. Display the contents of the new.pem file.

      cat new.pem

      Copy the contents of this file for installing the SSL certificate.

    Go on to Configuring Secure Web Access to install the SSL certificate and enable HTTPS.

    Modified: 2017-10-25