Supported Platforms
Generating SSL Certificates to Be Used for Secure Web Access
You can set up secure Web access for an EX Series switch. To enable secure Web access, you must generate a digital Secure Sockets Layer (SSL) certificate and then enable HTTPS access on the switch.
To generate an SSL certificate:
- Enter the following openssl command
in your SSH command-line interface on a BSD or Linux system on which openssl is installed. The openssl command generates
a self-signed SSL certificate in the privacy-enhanced mail (PEM) format.
It writes the certificate and an unencrypted 1024-bit RSA private
key to the specified file.
% openssl req –x509 –nodes –newkey rsa:1024 –keyout filename.pem -out filename.pem
where filename is the name of a file in which you want the SSL certificate to be written—for example, my-certificate.
- When prompted, type the appropriate information in the identification form. For example, type US for the country name.
- Display the contents of the file that you created.
cat my-certificate.pem
You can use the J-Web Configuration page to install the SSL certificate on the switch. To do this, copy the file containing the certificate from the BSD or Linux system to the switch. Then open the file, copy its contents, and paste them into the Certificate box on the J-Web Secure Access Configuration page.
You can also use the following CLI statement to install the SSL certificate on the switch:
[edit]
user@switch# set
security certificates local my-signed-cert load-key-file my-certificate.pem
