Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

close
keyboard_arrow_left
Junos CLI Reference
Table of Contents Expand all
list Table of Contents
file_download PDF
keyboard_arrow_right

show services ssl proxy certificate-cache entries

date_range 19-Nov-23

Syntax

content_copy zoom_out_map
show services ssl proxy certificate–cache entries [detail |  summary]
<pic-info fpc-slot slot number pic-slot slot-number>

Description

Display information about the entries stored in the SSL proxy certificate cache.

Note:

When the CLI is in logical system context mode and you enter an operational-mode command, the output of the command displays information related to the logical system only.

Options

pic-info fpc-slot slot number pic-slot slot-number

Display the information for the FPC in the specified slot.

detail

Display the detail information about the SSL proxy certificate cache entries.

summary

Display the summary of the SSL proxy certificate cache entries.

Required Privilege Level

view

Output Fields

Table 1 lists the output fields for the show services ssl proxy certificate-cache command. Output fields are listed in the approximate order in which they appear.

Table 1: show services ssl proxy certificate-cache Output Fields

Field Name

Field Description

Level of Output

Cache Entries

Index number of the entry.

summary, detail

Serial number

Serial number of the server certificate.

summary, detail

SSL-I Profile Id

SSL initiation profile identification number.

summary, detail

Num of CRL updates

Number of times the CRL updates done till the interdicted certificate is added to the certificate-cache.

summary, detail

Status

Status of the cache entry. That is—whether the cache entry has expired or not, because the cache entries are valid only for short interval.

detail

Interdicted cert type

Interdicted certificate details such as type and authentication status.

detail

Server cert verification result

Server certificate validation results.

detail

Cert reference count

Certificate reference count.

detail

Issuer

Authority that issued the digital certificate, including details of the authority organized using the distinguished name format.

detail

Subject

Details of the digital certificate holder organized using the distinguished name format.

detail

Sample Output

command-name

content_copy zoom_out_map
user@host > show services ssl proxy certificate-cache entries summary
Lsys Name : root-logical-system
PIC:fwdd0 fpc[0] pic[0] ------
Cache Entries : 1 
Serial number : 0x12345678 
SSL-I Profile Id: 1 
Num of CRL updates: 0

command-name

content_copy zoom_out_map
user@host > show services ssl proxy certificate-cache entries detail
Lsys Name : root-logical-system
PIC:fwdd0 fpc[0] pic[0] ------
Cache entrie : 1 
Serial number : 0x12345678 
SSL-I Profile Id: 1 
Num of CRL updates: 0 
Status: Active: Time to expire 570 seconds 

Cert Info: 
------------- 
Interdicted cert type [0x0]: CA issued, Authentication failed 
Server cert verification result: unable to get local issuer certificate [0x14] 
Cert reference count: 2 
Subject: /C=IN/ST=KA/O=XYZ Inc/CN=XYZ Root CA/emailAddress=host@xyz.com 
Issuer: /CN=SSL-PROXY:DUMMY_CERT:GENERATED DUE TO SRVR AUTH FAILURE 

Release Information

Command introduced in Junos OS Release 19.3R1.

external-footer-nav