About the Trusted Certificate Authority Page
You are here: Device Administration > Certificate Management > Trusted Certificate Authority.
SSL forward proxy ensures secure transmission of data between a client and a server. Before establishing a secure connection, SSL forward proxy checks certificate authority (CA) certificates to verify signatures on server certificates. For this reason, a reasonable list of trusted CA certificates is required to effectively authenticate servers.
You can perform the following tasks:
Generate a default trusted CAs. See Generate Default Trusted Certificate Authorities.
Enroll a CA certificate using the Simple Certificate Enrollment Process (SCEP) or Certificate Management Protocol (CMPv2). With SCEP or CMPv2, you can configure Juniper Network device to obtain a local certificate online and start the online enrollment for the specified certificate ID. See Enroll a CA Certificate.
Import a CA certificate to manually load CA certificates and CRL. See Import a CA Certificate.
Add a CA profile. See Add a Certificate Authority Profile.
Edit a CA profile. See Edit a Certificate Authority Profile.
Delete a CA profile. See Delete Certificate Authority Profile.
Search for text in a Trusted Certificate Authority table. See Search Text in the Trusted Certificate Authority Table.
Filter the trusted CA information based on select criteria. To do this, select the filter icon at the top right-hand corner of the table. The columns in the grid change to accept filter options. Type the filter options; the table displays only the data that fits the filtering criteria.
Show or hide columns in the trusted CA table. To do this, use the Show Hide Columns icon in the top right corner of the page and select the options you want to show or deselect to hide options on the page.
Table 1 provides the details of the fields of the Trusted Certificate Authority Page.
Table 1: Fields on Trusted Certificate Authority Page
Displays the name of the CA profile.
Displays the CA certificate ID.
Displays the issuer organizational name.
Displays the status of the CA certificate.
Displays CA certificate expiration date.
Displays whether the algorithm of the certificate is RSA, DSA, or ECDSA encryption.