Public Key Infrastructure (PKI)
-
TPM-based certificate support for advanced anti-malware protection (SRX1600, SRX2300, and SRX4300)—Starting in Junos OS Release 24.2R1, your SRX Series Firewalls use Trusted Platform Module based (TPM-based) certificates for advanced anti-malware (AAMW) protection. To use the TPM-based certificates:
-
The firewall loads the certificate using PKI during the device's start and restart operation. To view the certificate ID, referred as idev-id, use the
show security pki node-local local-certificate certificate-id idev-id
command. -
The SSL Initiation uses the certificate for Transport Layer Security (TLS) connection to authenticate the device. You can configure the
tpm
option using theset services ssl initiation profile profile-name crypto-hardware-offload
command.
[See show security pki node-local local-certificate, and profile (SSL Initiation).]
-