Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Import a Device Certificate

Import local certificates and CA certificates from your computer into the managed device to authenticate SSL.

SSL uses public-private key technology that requires a paired private key and an authentication certificate for providing the SSL service. SSL encrypts communication between your device and the web browser with a session key negotiated by the SSL server certificate.

  1. Select SRX > Device Management > Devices.

    The Devices page opens.

  2. Select the device or the device cluster, and click More >View Inventory.
  3. Click Device Administration > Certificates.
  4. Click one of the following:
    • Import in the Local Certificates section to open the Import Certificate page.

    • Import in the CA Certificates section to open the Import CA Certificate page.

      Click Generate Default Trusted CAs if you need to generate default trusted CA profiles.

  5. Complete the configuration of the certificate according to the guidelines provided in Table 1.
    Table 1: Fields on Import Certificate Page

    Field

    Description

    Certificate ID

    Enter a unique value for the certificate ID for an externally generated certificate.

    The certificate ID is used to create a key pair along with the algorithm to associate with the key.

    Upload Certificate

    The option to navigate to and upload the certificate.

    Click Browse to navigate to the location of the certificate. Juniper Security Director Cloud supports only the PEM format for local certificates.

    Upload Private Key

    The option to navigate to and upload the private key.

    Click Browse to navigate to the location of the private key. Juniper Security Director Cloud supports only the PEM format for private keys.

    Passphrase

    Enter the passphrase used to protect the private key or key pair of the certificate file.

    Table 2: Fields on the Import CA Certificate Page
    Field Description

    CA Profile ID

    Enter a unique value for the CA profile ID for an externally generated certificate.

    The CA profile ID is used to create a key pair along with the algorithm to associate with the key.

    Upload certificate

    The option to navigate to and upload the certificate.

    Click Browse to navigate to the location of the certificate. Juniper Security Director Cloud supports only the CER format for CA certificates.

  6. Click OK.

If the certificate content is validated successfully, the certificate is imported.

After importing a certificate, you can use the certificate when you create an SSL proxy profile and for IPsec VPN peers authentication.