Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

tls (HTTP Servers)

Syntax

Hierarchy Level

Description

Configure Transport Layer Security (TLS) settings for the given server.

You must specify the local certificate that the server uses for authentication. You can optionally configure mutual authentication and define the settings that the network device uses for the client certificate.

Options

authentication-type

(Optional) Specify the requirement for client certificates.

  • dont-request-cert—Do not request a client certificate.

    Note:

    We strongly recommend that you use this option in a test environment only.

  • request-and-require-cert-and-verify—Require a certificate from the client and verify the certificate.

  • request-and-require-cert-but-dont-verify—Require a certificate from the client but do not verify the certificate.

  • request-cert-and-verify—Request a certificate from the client and verify if provided.

  • request-cert-but-dont-verify—Request a certificate from the client but do not verify the certificate.

  • Default: request-and-require-cert-and-verify
certificate-authority certificate-authority-profile-name

Specify the name of a certificate authority profile that is used to validate the certificate provided by a client. The profile must be configured at the [edit security pki (ca-profile | ca-profile-group)] hierarchy level.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 25.2R1 and Junos OS Evolved Release 25.2R1.

Related Documentation