- request security pki generate-certificate-request certificate-id certificate-id-name domain-name domain-name subject subject-distinguished-name
- <filename (path | terminal)>
- <ip-address ip-address>
- <validity-end-time end-time>
- <validity-start-time start-time>
Command introduced in JUNOS Release 7.5.
(Adaptive services interfaces only) Manually generate a local digital certificate request in the Public-Key Cryptography Standards #10 (PKCS-10) format.
certificate-id certificate-id-name — Name of the local digital certificate and the public/private key pair.
domain-name domain-name — Fully qualified domain name (FQDN). The FQDN provides the identity of the certificate owner for Internet Key Exchange (IKE) negotiations and provides an alternative to the subject name.
subject subject-distinguished-name — Distinguished name format that contains the common name, department, company name, state, and country:
filename (path | terminal) — (Optional) Location where the local digital certificate request should be placed or the login terminal.
ip-address ip-address — (Optional) IP address of the router.
validity-end-time end-time — (Optional) End time that the digital certificate is valid, in the format YYYY-MO-DD.HH:MN:SS. If you do not specify an end time value, the end time is assigned by the default CA policy.
validity-start-time start-time — (Optional) Start time that the digital certificate is valid, in the format YYYY-MO-DD.HH:MN:SS. If you do not specify the start time value, the current time is used.
maintenance
clear security pki certificate-request
show security pki certificate-request
When you enter this command, you are provided feedback on the status of your request.
request security pki generate-certificate-request
user@host> request security pki generate-certificate-request
certificate-id local-entrust2 domain-name router2.juniper.net filename
entrust-req2 subject cn=router2.juniper.netGenerated certificate request -----BEGIN CERTIFICATE REQUEST----- MIIBoTCCAQoCAQAwGjEYMBYGA1UEAxMPdHAxLmp1bmlwZXIubmV0MIGfMA0GCSqG SIb3DQEBAQUAA4GNADCBiQKBgQCiUFklQws1Ud+AqN5DDxRs2kVyKEhh9qoVFnz+ Hz4c9vsy3B8ElwTJlkmIt2cB3yifB6zePd+6WYpf57Crwre7YqPkiXM31F6z3YjX H+1BPNbCxNWYvyrnSyVYDbFj8o0Xyqog8ACDfVL2JBWrPNBYy7imq/K9soDBbAs6 5hZqqwIDAQABoEcwRQYJKoZIhvcNAQkOMTgwNjAOBgNVHQ8BAf8EBAMCB4AwJAYD VR0RAQH/BBowGIIWdHAxLmVuZ2xhYi5qdW5pcGVyLm5ldDANBgkqhkiG9w0BAQQF AAOBgQBc2rq1v5SOQXH7LCb/FdqAL8ZM6GoaN5d6cGwq4bB6a7UQFgtoH406gQ3G 3iH0Zfz4xMIBpJYuGd1dkqgvcDoH3AgTsLkfn7Wi3x5H2qeQVs9bvL4P5nvEZLND EIMUHwteolZCiZ70fO9Fer9cXWHSQs1UtXtgPqQJy2xIeImLgw== -----END CERTIFICATE REQUEST----- Fingerprint: 0d:90:b8:d2:56:74:fc:84:59:62:b9:78:71:9c:e4:9c:54:ba:16:97 (sha1) 1b:08:d4:f7:90:f1:c4:39:08:c9:de:76:00:86:62:b8 (md5)