    Understanding IDP SSL Server Key Management and Policy Configuration

    The device can support up to 1000 server private keys. Each key can have up to 100 servers that use it. This capacity is the same regardless of the number of SPUs available on the device because essentially each SPU needs to be able to access all the keys.

    Multiple servers can share the same private key; however, one server can have only one private key. SSL decryption is disabled by default. Both plain and encrypted keys are supported.

    Note: Junos OS does not encrypt the SSL keys file.

    Note: You can set the value of the SSL session ID cache timeout parameter by using the set security idp sensor-configuration ssl-inspection session-id-cache-timeout command. The default value of the cache timeout parameter is 600 seconds.

    Published: 2012-06-29