- pki {
-
- auto-re-enrollment {
-
- certificate-id certificate-id-name
{
- ca-profile-name ca-profile-name
;
- challenge-password password
;
- re-enroll-trigger-time-percentage percentage
;
- re-generate-keypair;
- }
- }
-
- ca-profile ca-profile-name {
-
- administrator {
- e-mail-address e-mail-address
;
- }
- ca-identity ca-identity ;
-
- enrollment {
- retry number;
- retry-interval seconds;
- url url-name;
- }
-
- revocation-check {
-
- crl {
-
- disable {
- on-download-failure;
- }
- refresh-interval hours ;
- url
url-name ;
- }
- disable;
- }
- }
-
- traceoptions {
- file
filename <files number > <match regular-expression>
- <size maximum-file-size
> <world-readable | no-world-readable>
- flag
flag ;
- }
- }
- [edit security]
Statement modified in Release 8.5 of JUNOS software.
Configure an IPsec profile to request digital certificates.
This statement is supported on J-series and SRX-series devices.
The remaining statements are explained separately.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
JUNOS Feature Guide and the JUNOS System Basics and Services Command Reference