Rate and give feedback:
Feedback Received. Thank You!
Obtaining a Signed Certificate from the CA for an ES PIC
To obtain a signed certificate from the CA, issue the following command:
user@host> request security certificate enroll filename filename subject c=us,o=x alternative-subject certificate-ip-address certification-authority certificate-authority key-file key-file-name domain-name domain-name
The results are saved in a specified file to the /var/etc/ikecert directory.
The following example shows how to obtain
a CA signed certificate by referencing the configured certification-authority statement local . This statement is referenced by the request security certificate enroll filename m subject c=us,0=x alternative subject 1.1.1.1 certification-authority command.
[edit]security {certificates {certification-authority local {ca-name xyz.company.com;file l;enrollment-url "http://www.xyzcompany.com";}}}
To obtain a signed certificate from the
CA, issue the following command:
user@host> request security certificate enroll filename I subject c=uk,o=london alternative-subject 10.50.1.4 certification-authority verisign key-file host-1.prv domain-name host.xyzcompany.comCA name: xyz.company.com CA file: ca_verisignlocal pub/private key pair: host.prvsubject: c=uk,o=london domain name: host.juniper.netalternative subject: 10.50.1.4Encoding: binaryCertificate enrollment has started. To see the certificate enrollment status, check the key management process (kmd) log file at /var/log/kmd. <--------------
For information about how to use the operational
mode commands to obtain a signed certificate, see the Junos OS System Basics and Services Command Reference .
Another way to obtain a signed certificate from
the CA is to reference the configured statements such as the URL,
CA name, and CA certificate file by means of the certification-authority statement:
user@host> request security certificate enroll filename m subject c=us ,o=x alternative-subject 1.1.1.1 certification-authority local key-file y domain-name abc.company.com
Published: 2012-07-03
