Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

close
keyboard_arrow_left
Junos CLI Reference
Table of Contents Expand all
list Table of Contents
file_download PDF
keyboard_arrow_right

initiation (Services)

date_range 19-Nov-23

Syntax

content_copy zoom_out_map
initiation{
    profile name {
        actions {
            crl {
                disable disable;
                if-not-present (allow | drop);
                ignore-hold-instruction-code ignore-hold-instruction-code;
            }
            ignore-server-auth-failure ignore-server-auth-failure;
        }
        client-certificate client-certificate;
        custom-ciphers  (ecdhe-rsa-with-3des-ede-cbc-sha | ecdhe-rsa-with-aes-128-cbc-sha | ecdhe-rsa-with-aes-128-cbc-sha256 | ecdhe-rsa-with-aes-128-gcm-sha256 | ecdhe-rsa-with-aes-256-cbc-sha | ecdhe-rsa-with-aes-256-cbc-sha384 | ecdhe-rsa-with-aes-256-gcm-sha384 | rsa-export-with-des40-cbc-sha | rsa-export-with-rc4-40-md5 | rsa-export1024-with-des-cbc-sha | rsa-export1024-with-rc4-56-md5 | rsa-export1024-with-rc4-56-sha | rsa-with-3des-ede-cbc-sha | rsa-with-aes-128-cbc-sha | rsa-with-aes-128-cbc-sha256 | rsa-with-aes-128-gcm-sha256 | rsa-with-aes-256-cbc-sha | rsa-with-aes-256-cbc-sha256 | rsa-with-aes-256-gcm-sha384 | rsa-with-des-cbc-sha | rsa-with-null-md5 | rsa-with-null-sha | rsa-with-rc4-128-md5 | rsa-with-rc4-128-sha);
        enable-flow-tracing enable-flow-tracing;
        enable-session-cache enable-session-cache;
        preferred-ciphers (custom | medium | strong | weak);
        protocol-version (all | ssl3 | tls1 | tls11 | tls12);
        trusted-ca ;
    }
}

Hierarchy Level

content_copy zoom_out_map
[edit services ssl]

Description

Specify the configuration for Secure Socket Layer (SSL) initiation support service. The SRX Series Firewall, acting as an SSL proxy client, initiates and maintains SSL sessions between itself and an SSL server. SRX Series Firewall receives un-encrypted data from an HTTP client, and encrypts and transmits the data as ciphertext to the SSL server.

Options

  • client-certificate—Local certificate.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

services—To view this statement in the configuration.

services-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 12.1X44-D10. The protocol-version statement is updated to include tls11 and tls12 from Junos OS Release 15.1X49-D30.

external-footer-nav