Import local certificates and CA certificates from your computer into the managed device to
authenticate SSL.
SSL uses public-private key technology that requires a paired private key and an
authentication certificate for providing the SSL service. SSL encrypts communication between
your device and the web browser with a session key negotiated by the SSL server
certificate.
-
Select SRX > Device Management >
Devices.
The Devices page opens.
-
Select the device or the device cluster, and click More
>View Inventory.
-
Click Device Administration >
Certificates.
-
Click one of the following:
-
Import in the Local Certificates section to open the Import
Certificate page.
-
Import in the CA Certificates section to open the Import CA
Certificate page.
Click Generate Default Trusted CAs if you need to generate
default trusted CA profiles.
-
Complete the configuration of the certificate according to the guidelines provided in
Table 1.
Table 1: Fields on Import Certificate Page
Field
|
Description
|
Certificate ID
|
Enter a unique value for the certificate ID for an externally generated
certificate.
The certificate ID is used to create a key pair along with the algorithm to
associate with the key.
|
Upload Certificate
|
The option to navigate to and upload the certificate.
Click Browse to navigate to the location of the
certificate. Juniper Security Director Cloud supports only the PEM format for
local certificates.
|
Upload Private Key
|
The option to navigate to and upload the private key.
Click Browse to navigate to the location of the
private key. Juniper Security Director Cloud supports only the PEM format for
private keys.
|
Passphrase
|
Enter the passphrase used to protect the private key or key pair of the
certificate file.
|
Table 2: Fields on the Import CA Certificate Page
Field |
Description |
CA Profile ID
|
Enter a unique value for the CA profile ID for an externally generated
certificate.
The CA profile ID is used to create a key pair along with the algorithm to
associate with the key.
|
Upload certificate
|
The option to navigate to and upload the certificate.
Click Browse to navigate to the location of the
certificate. Juniper Security Director Cloud supports only the CER format for
CA certificates.
|
-
Click OK.
If the certificate content is validated successfully, the
certificate is imported. After importing a certificate, you can use the certificate when you
create an SSL proxy profile and for IPsec VPN peers authentication.