[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

request security pki generate-certificate-request

Syntax

request security pki generate-certificate-request certificate-id certificate-id-name domain-name domain-name subject subject-distinguished-name
<filename (path | terminal)>
<ip-address ip-address>
<validity-end-time end-time>
<validity-start-time start-time>

Release Information

Command introduced in JUNOS Release 7.5.

Description

(Adaptive services interfaces only) Manually generate a local digital certificate request in the Public-Key Cryptography Standards #10 (PKCS-10) format.

Options

certificate-id certificate-id-nameName of the local digital certificate and the public/private key pair.

domain-name domain-nameFully qualified domain name (FQDN). The FQDN provides the identity of the certificate owner for Internet Key Exchange (IKE) negotiations and provides an alternative to the subject name.

subject subject-distinguished-nameDistinguished name format that contains the common name, department, company name, state, and country:

filename (path | terminal) — (Optional) Location where the local digital certificate request should be placed or the login terminal.

ip-address ip-address(Optional) IP address of the router.

validity-end-time end-time(Optional) End time that the digital certificate is valid, in the format YYYY-MO-DD.HH:MN:SS. If you do not specify an end time value, the end time is assigned by the default CA policy.

validity-start-time start-time(Optional) Start time that the digital certificate is valid, in the format YYYY-MO-DD.HH:MN:SS. If you do not specify the start time value, the current time is used.

Required Privilege Level

maintenance

Related Topics

clear security pki certificate-request
show security pki certificate-request

List of Sample Output

request security pki generate-certificate-request

Output Fields

When you enter this command, you are provided feedback on the status of your request.

Sample Output

request security pki generate-certificate-request

user@host> request security pki generate-certificate-request certificate-id local-entrust2 domain-name router2.juniper.net filename entrust-req2 subject cn=router2.juniper.net
Generated certificate request
-----BEGIN CERTIFICATE REQUEST-----
MIIBoTCCAQoCAQAwGjEYMBYGA1UEAxMPdHAxLmp1bmlwZXIubmV0MIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQCiUFklQws1Ud+AqN5DDxRs2kVyKEhh9qoVFnz+
Hz4c9vsy3B8ElwTJlkmIt2cB3yifB6zePd+6WYpf57Crwre7YqPkiXM31F6z3YjX
H+1BPNbCxNWYvyrnSyVYDbFj8o0Xyqog8ACDfVL2JBWrPNBYy7imq/K9soDBbAs6
5hZqqwIDAQABoEcwRQYJKoZIhvcNAQkOMTgwNjAOBgNVHQ8BAf8EBAMCB4AwJAYD
VR0RAQH/BBowGIIWdHAxLmVuZ2xhYi5qdW5pcGVyLm5ldDANBgkqhkiG9w0BAQQF
AAOBgQBc2rq1v5SOQXH7LCb/FdqAL8ZM6GoaN5d6cGwq4bB6a7UQFgtoH406gQ3G
3iH0Zfz4xMIBpJYuGd1dkqgvcDoH3AgTsLkfn7Wi3x5H2qeQVs9bvL4P5nvEZLND
EIMUHwteolZCiZ70fO9Fer9cXWHSQs1UtXtgPqQJy2xIeImLgw==
-----END CERTIFICATE REQUEST-----
Fingerprint:
0d:90:b8:d2:56:74:fc:84:59:62:b9:78:71:9c:e4:9c:54:ba:16:97 (sha1)
1b:08:d4:f7:90:f1:c4:39:08:c9:de:76:00:86:62:b8 (md5)

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]