Update Server Certificate

Associate your own custom SSL certificate with the Juniper Security Director Server.

By default, Juniper Security Directoruses a self-signed SSL certificate. However, Juniper Security Director provides an option to associate your own custom SSL certificate.

Additionally, a minor system fault is generated when a certificate is expiring within 30 days, and a major system fault is generated when a certificate has already expired.

Before You Begin

Ensure that X.509 certificate and private key or PKCS#12 certificates are available on your local machine.

To update the server certificate:

Select Administration > Server Certificate.
The Server Certificate page is displayed.
Select the certificate type.
You can upload the certificate in X.509 or PKCS#12 format.
Browse to upload the server certificate from your local machine.
- Supported PKCS#12 certificate extensions are .p12 and .pfx.
- Supported X.509 certificate extensions are .crt, .pem and .cer in Privacy-Enhanced Mail (PEM) format.
  
  Distinguished Encoding Rules (DER) format is not supported.
An option to view the details of the uploaded certificate appears.
Browse to upload the private key for a certificate in X.509 format, from your local machine.
Enter the password for private key. Password is required for both X.509 and PKCS#12 certificate formats.
Click View Certificate to see the details of the uploaded certificate, like the certificate name, issue, serial no., validity period, and so on.
The View Certificate window appears.
Click Update Certificate.
Current certificate displays the updated certificate.
[Optional] Click Reset to Default to revert to the default self-signed Juniper certificate on Juniper Security Director OVA in case the user-provided custom certificate encounters issues or fails validation.