request security pki generate-certificate-request (Security)

Syntax

Manually generate a local digital certificate request in the Public-Key Cryptography Standards #10 (PKCS-10) format.

certificate-id `certificate-id-name`	Name of the local digital certificate and the public/private key pair.
domain-name `domain-name`	Fully qualified domain name (FQDN) provides the identity of the certificate owner for Internet Key Exchange (IKE) negotiations and provides an alternative to the subject name.
subject `subject-distinguished-name`	Distinguished name format contains the following information: `DC`—Domain component `CN`—Common name `OU`—Organizational unit name `O`—Organization name `L`—Locality `ST`—State `C`—Country
digest	(Optional) Hash algorithm used to sign the certificate request. `sha1`—SHA-1 digests (default value for RSA or DSA only). `sha256`—SHA-256 digests for RSA or ECDSA only (default value for ECDSA). `sha-384`—SHA-384 digests for ECDSA only. Starting in Junos OS Release 18.1R3, the default encryption algorithm that is used for validating automatically and manually generated self-signed PKI certificates is Secure Hash Algorithm 256 (SHA-256). Prior to Junos OS Release 18.1R3, SHA-1 is used as default encryption algorithm.
email `email-address`	(Optional) E-mail address of the certificate holder.
filename (`path` \| terminal)	(Optional) Location where the local digital certificate request should be placed or the login terminal.
ip-address `ip-address`	(Optional) IP address of the router.

maintenance

When you enter this command, you are provided feedback on the status of your request.

Command introduced in Junos OS Release 7.5. Support for digest option added in Junos OS Release 12.1X45-D10.