Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

https (Web Management)

Syntax

Hierarchy Level

Description

Configure the secure version of the HTTP service, HTTPS, which is encrypted.

Options

interface [ interface-names ]

Specify the name of one or more interfaces on which to accept access through the HTTPS service. By default, HTTPS access is allowed through any ingress interface, but HTTP access is allowed through built-in Fast Ethernet or Gigabit Ethernet interfaces only.
( local-certificate name | pki-local-certificate name | system-generated-certificate )

Specify the X.509 certificate type for a Secure Sockets Layer (SSL) connection.

  • Values: Specify one of the following:

    • local-certificate name—Specify the name of the X.509 certificate. You configure the local certificate at the [edit security certificates local] hierarchy level.

    • pki-local-certificate name—(EX, QFX, and SRX Series only) Specify the name of the X.509 certificate that is generated by the public key infrastructure (PKI) and authenticated by a certificate authority (CA).

    • system-generated-certificate—(EX, QFX, and SRX Series only) Automatically generate a self-signed X.509 certificate for enabling the HTTPS service.
port port-number

Configure the TCP port number on which to connect the HTTPS service.

  • Range: 1 through 65,535
virtual-domain [virtual-domain-name]

Specify the virtual-domain name for certificate mapping. Name of the virtual-domain in FQDN format (host.example.com).

  • Alphabets, numerical, dashes, dot, and underscores are allowed but not exceed 249 characters.

  • Only DNS or Server hostnames are supported as virtual domain names but not IP addresses.

  • Duplicate entries are not allowed.

  • Maximum number of allowed virtual domains is 50.
pki-local-certificate [pki-local-certificate-name]

Specify the name of the X.509 certificate that is generated to use from the PKI local store for certificate mapping.

Required Privilege Level

system—To view this statement in the configuration.

system-control—To add this statement to the configuration.

Release Information

Statement introduced before Junos OS Release 7.4.

pki-local-certificate introduced in Junos OS Release 9.1 for SRX Series.

system-generated-certificate introduced in Junos OS Release 11.1 for EX Series.

Statement introduced on the SRX5400, SRX5600, and SRX5800 devices starting from Junos OS Release 12.1X44-D10 and on vSRX Virtual Firewall, SRX300, SRX320, SRX340, SRX345, SRX380, SRX550M, and SRX1500 Services Gateways starting from Junos OS Release 15.1X49-D40.

virtual-domain statement is introduced in Junos OS Release 23.1R1

Related Documentation