You can add the following statement to your configuration if you want to use the automatically generated self-signed certificate to provide access to HTTPS services:
system {
services {
web-management {
http {
interface [ ... ];
} https {
system-generated-certificate;
interface [ ... ];
}
}
}
}
The device uses the following distinguished name for the automatically generated certificate:
-
“ CN=<device serial number>, CN=system generated,
CN=self-signed”
Use the following command to specify that the automatically generated self-signed certificate is to be used for Web management HTTPS services:
- user@host# set system services web-management
https system-generated-certificate
Use the following operational command to delete the automatically generated self-signed certificate:
- user@host# clear security pki local-certificate system-generated
After you delete the system-generated self-signed certificate, the device automatically generates a new one and saves it in the file system.