Related Documentation
- J Series
- Understanding Local Certificate Requests
- Digital Certificates Configuration Overview
- LN Series
- Understanding Local Certificate Requests
- Digital Certificates Configuration Overview
- SRX Series
- Understanding Local Certificate Requests
- Digital Certificates Configuration Overview
- Additional Information
- Public Key Infrastructure Feature Guide for Security Devices
Example: Manually Generating a CSR for the Local Certificate and Sending it to the CA Server
This example shows how to generate a certificate signing request manually.
Requirements
Generate a public and private key. See Example: Generating a Public-Private Key Pair.
Overview
In this example, you generate a certificate request using the certificate ID of a public-private key pair you previously generated (ca-ipsec). Then you specify the domain name (example.net) and the associated common name (abc). The certificate request is displayed in PEM format.
You copy the generated certificate request and paste it into the appropriate field at the CA website to obtain a local certificate. (Refer to the CA server documentation to determine where to paste the certificate request.) When the PKCS #10 content is displayed, the MD5 hash and SHA-1 hash of the PKCS #10 file is also displayed.
Configuration
Step-by-Step Procedure
To generate a local certificate manually:
- Specify certificate ID, domain name, and common name.user@host> request security pki generate-certificate-request certificate-id ca-ipsec domain-name example.net subject CN=abc
Verification
To view the certificate signing request, enter the show security pki certificate-request detail command.
Certificate identifier: ca-ipsec Certificate version: 1 Issued to: CN = abc Public key algorithm: rsaEncryption(1024 bits) 30:81:89:02:81:81:00:da:ea:cd:3a:49:1f:b7:33:3c:c5:50:fb:57 de:17:34:1c:51:9b:7b:1c:e9:1c:74:86:69:a4:36:77:13:a7:10:0e 52:f4:2b:52:39:07:15:3f:39:f5:49:d6:86:70:4b:a6:2d:73:b6:68 39:d3:6b:f3:11:67:ee:b4:40:5b:f4:de:a9:a4:0e:11:14:3f:96:84 03:3c:73:c7:75:f5:c4:c2:3f:5b:94:e6:24:aa:e8:2c:54:e6:b5:42 c7:72:1b:25:ca:f3:b9:fa:7f:41:82:6e:76:8b:e6:d7:d2:93:9b:38 fe:fd:71:01:2c:9b:5e:98:3f:0c:ed:a9:2b:a7:fb:02:03:01:00:01 Fingerprint: 0f:e6:2e:fc:6d:52:5d:47:6e:10:1c:ad:a0:8a:4c:b7:cc:97:c6:01 (sha1) f8:e6:88:53:52:c2:09:43:b7:43:9c:7a:a2:70:98:56 (md5)
Related Documentation
- J Series
- Understanding Local Certificate Requests
- Digital Certificates Configuration Overview
- LN Series
- Understanding Local Certificate Requests
- Digital Certificates Configuration Overview
- SRX Series
- Understanding Local Certificate Requests
- Digital Certificates Configuration Overview
- Additional Information
- Public Key Infrastructure Feature Guide for Security Devices
