Generating SSL Certificates for the SRX650 Services Gateway
To enable secure Web access, you must first generate a digital SSL certificate and then enable HTTPS access on the services gateway.
To generate an SSL certificate:
- Enter the following openssl command
in your SSH CLI. The openssl command generates a self-signed
SSL certificate in Privacy-Enhanced Mail (PEM) format. It writes the
certificate and an unencrypted 1024-bit RSA private key to the specified
% openssl req –x509 –nodes –newkey rsa:1024 –keyout filename.pem -out filename.pem
Replace filename with the name of a file in which you want the SSL certificate to be written—for example, new.pem.
- When prompted, type the appropriate information in the identification form. For example, type US for the country name.
- Display the contents of the file new.pem.
Copy the contents of this file for installing the SSL certificate.
You can use either J-Web Quick Configuration or a configuration editor to install the SSL certificate and enable HTTPS.