Technical Documentation

Example: Requesting a CA Digital Certificate

Specify a URL to the SCEP server and the name of the certification authority whose certificate you want: mycompany.com. filename 1 is name of the file that stores the result. The output, "Received CA certificate:" provides the signature for the certificate, which allows you to verify (offline) that the certificate is genuine.

user@host> request security certificate enroll filename ca_verisign ca-file verisign ca-name xyzcompany urlhttp://hostname/path/filenameURL: http://hostname/path/filename name: juniper.net CA file: verisign Encoding: binary Certificate enrollment has started. To see the certificate enrollment status, check the key management process (kmd) log file at /var/log/kmd. <--------------

Note: Each router is initially manually enrolled with a certificate authority.


Published: 2010-04-26