Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

TechLibrary
Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
     

    Related Documentation

     

    Obtaining a Signed Certificate from the CA for an ES PIC

    To obtain a signed certificate from the CA, issue the following command:

    user@host> request security certificate enroll filename filename subject c=us,o=x alternative-subject certificate-ip-address certification-authority certificate-authority key-file key-file-name domain-name domain-name

    The results are saved in a specified file to the /var/etc/ikecert directory.

    The following example shows how to obtain a CA signed certificate by referencing the configured certification-authority statement local . This statement is referenced by the request security certificate enroll filename m subject c=us,0=x alternative subject 1.1.1.1 certification-authority command.

    [edit]security {certificates {certification-authority local {ca-name xyz.company.com;file l;enrollment-url "http://www.xyzcompany.com";}}}

    To obtain a signed certificate from the CA, issue the following command:

    user@host> request security certificate enroll filename I subject c=uk,o=london alternative-subject 10.50.1.4 certification-authority verisign key-file host-1.prv domain-name host.xyzcompany.comCA name: xyz.company.com CA file: ca_verisignlocal pub/private key pair: host.prvsubject: c=uk,o=london domain name: host.juniper.netalternative subject: 10.50.1.4Encoding: binaryCertificate enrollment has started. To see the certificate enrollment status, check the key management process (kmd) log file at /var/log/kmd. <--------------

    For information about how to use the operational mode commands to obtain a signed certificate, see the Junos OS Operational Mode Commands.

    Another way to obtain a signed certificate from the CA is to reference the configured statements such as the URL, CA name, and CA certificate file by means of the certification-authority statement:

    user@host> request security certificate enroll filename m subject c=us ,o=x alternative-subject 1.1.1.1 certification-authority local key-file y domain-name abc.company.com
     

    Related Documentation

     

    Published: 2012-11-15

    Previous Page Next Page