Adding the Server Certificate on the Routing Platform

The TLS client (JUNOS routing platform) needs a copy of the certificate that was used to sign the SAE certificate so that it can verify the SAE certificate. To install the SAE certificate on the JUNOS routing platform:

1. Include the following statements at the [edit security certificates certificate-authority] hierarchy level.

   [edit security certificates certificate-authority]

   security{

   certificates{

   certificate-authority SAECert{

   file /var/db/certs/cert.pem;

   }

   }

   }

2. Include the following statements at the [system services service-deployment] hierarchy level.

   system{

   services{

   service-deployment{

   servers {

   server-address port port-number{

   security-options {

   tls;

   }

   }

   }

   }

   }

   }

Related Topics

• Configuring Secure Connections Between the SAE and JUNOS Routing Platforms
• Creating a Client Certificate for the Router
• Adding the Client Certificate on the Router
• Configuring the SAE to Use TLS

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.