Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Using Automatically Generated Self-Signed Certificates (CLI Procedure)

    After the device is initialized, it checks for the presence of a self-signed certificate. If a self-signed certificate is not present, the device automatically generates one.

    You can add the following statement to your configuration if you want to use the automatically generated self-signed certificate to provide access to HTTPS services:

    system {
	services {
		web-management {
			http {
				interface [ ... ];
			} https {
				system-generated-certificate;
				interface [ ... ];
			}
		}
	}
}

    The device uses the following distinguished name for the automatically generated certificate:

    “ CN=<device serial number>, CN=system generated, CN=self-signed”

    Use the following command to specify that the automatically generated self-signed certificate is to be used for Web management HTTPS services:

    user@host# set system services web-management https system-generated-certificate

    Use the following operational command to delete the automatically generated self-signed certificate:

    user@host# clear security pki local-certificate system-generated

    After you delete the system-generated self-signed certificate, the device automatically generates a new one and saves it in the file system.

     

    Related Documentation

     

    Modified: 2013-10-29

    Previous Page Next Page