Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Public Key Infrastructure (PKI)

  • TPM-based certificate support for advanced anti-malware protection (SRX1600, SRX2300, and SRX4300)—Starting in Junos OS Release 24.2R1, your SRX Series Firewalls use Trusted Platform Module based (TPM-based) certificates for advanced anti-malware (AAMW) protection. To use the TPM-based certificates:

    • The firewall loads the certificate using PKI during the device's start and restart operation. To view the certificate ID, referred as idev-id, use the show security pki node-local local-certificate certificate-id idev-id command.

    • The SSL Initiation uses the certificate for Transport Layer Security (TLS) connection to authenticate the device. You can configure the tpm option using the set services ssl initiation profile profile-name crypto-hardware-offload command.

    [See show security pki node-local local-certificate, and profile (SSL Initiation).]