Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    request security pki generate-certificate-request (Security)

    Syntax

    request security pki generate-certificate-request certificate-id certificate-id-name domain-name domain-name subject subject-distinguished-name<add-ca-constraint><digest (sha1 | sha256)><email email-address><filename (path | terminal)><ip-address ip-address>

    Release Information

    Command introduced in Junos OS Release 7.5. Support for digest option added in Junos OS Release 12.1X45-D10.

    Description

    Manually generate a local digital certificate request in the Public-Key Cryptography Standards #10 (PKCS-10) format.

    Options

    certificate-id certificate-id-name

    Name of the local digital certificate and the public/private key pair.

    domain-name domain-name

    Fully qualified domain name (FQDN) provides the identity of the certificate owner for Internet Key Exchange (IKE) negotiations and provides an alternative to the subject name.

    subject subject-distinguished-name

    Distinguished name format contains the following information:

    • DC—Domain component
    • CN—Common name
    • OU—Organizational unit name
    • O—Organization name
    • L—Locality
    • ST—State
    • C—Country
    digest

    (Optional) Hash algorithm used to sign the certificate request.

    • sha1—SHA-1 digest (default).
    • sha256—SHA-256 digest.
    email email-address

    (Optional) E-mail address of the certificate holder.

    filename (path | terminal)

    (Optional) Location where the local digital certificate request should be placed or the login terminal.

    ip-address ip-address

    (Optional) IP address of the router.

    Required Privilege Level

    maintenance

     

    Related Documentation

     

    List of Sample Output

    request security pki generate-certificate-request

    Output Fields

    When you enter this command, you are provided feedback on the status of your request.

    Sample Output

    request security pki generate-certificate-request

    user@host> request security pki generate-certificate-request certificate-id local-entrust2 domain-name router2.example.net filename entrust-req2 subject cn=router2.example.net
    Generated certificate request
-----BEGIN CERTIFICATE REQUEST-----
MIIBoTCCAQoCAQAwGjEYMBYGA1UEAxMPdHAxLmp1bmlwZXIubmV0MIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQCiUFklQws1Ud+AqN5DDxRs2kVyKEhh9qoVFnz+
Hz4c9vsy3B8ElwTJlkmIt2cB3yifB6zePd+6WYpf57Crwre7YqPkiXM31F6z3YjX
H+1BPNbCxNWYvyrnSyVYDbFj8o0Xyqog8ACDfVL2JBWrPNBYy7imq/K9soDBbAs6
5hZqqwIDAQABoEcwRQYJKoZIhvcNAQkOMTgwNjAOBgNVHQ8BAf8EBAMCB4AwJAYD
VR0RAQH/BBowGIIWdHAxLmVuZ2xhYi5qdW5pcGVyLm5ldDANBgkqhkiG9w0BAQQF
AAOBgQBc2rq1v5SOQXH7LCb/FdqAL8ZM6GoaN5d6cGwq4bB6a7UQFgtoH406gQ3G
3iH0Zfz4xMIBpJYuGd1dkqgvcDoH3AgTsLkfn7Wi3x5H2qeQVs9bvL4P5nvEZLND
EIMUHwteolZCiZ70fO9Fer9cXWHSQs1UtXtgPqQJy2xIeImLgw==
-----END CERTIFICATE REQUEST-----
Fingerprint:
0d:90:b8:d2:56:74:fc:84:59:62:b9:78:71:9c:e4:9c:54:ba:16:97 (sha1)
1b:08:d4:f7:90:f1:c4:39:08:c9:de:76:00:86:62:b8 (md5)

    Modified: 2016-07-06

    Previous Page Next Page