[Contents] [Prev] [Next] [Index] [Report an Error]

Using Automatically Generated Self-Signed Certificates (CLI Procedure)

After the device is initialized, it checks for the presence of a self-signed certificate. If a self-signed certificate is not present, the device automatically generates one.

You can add the following statement to your configuration if you want to use the automatically generated self-signed certificate to provide access to HTTPS services:

system {
	services {
		web-management {
			http {
				interface [ ... ];
			} https {
				system-generated-certificate;
				interface [ ... ];
			}
		}
	}
}

The device uses the following distinguished name for the automatically generated certificate:

“ CN=<device serial number>, CN=system generated, CN=self-signed”

Use the following command to specify that the automatically generated self-signed certificate is to be used for Web management HTTPS services:

user@host# set system services web-management https system-generated-certificate

Use the following operational command to delete the automatically generated self-signed certificate:

user@host# clear security pki local-certificate system-generated

After you delete the system-generated self-signed certificate, the device automatically generates a new one and saves it in the file system.

Related Topics

[Contents] [Prev] [Next] [Index] [Report an Error]


[an error occurred while processing this directive]