request security pki node-local local-certificate re-enroll
Syntax
request security pki node-local local-certificate re-enroll (cmpv2 | scep) certificate-id certificate-id ca-profile profile-name challenge-password password <re-generate-keypair> <scep-digest-algorithm> <scep-encryption-algorithm>
Description
Manually reenroll an end-entity (EE) certificate with Certificate Management Protocol version 2
(CMPv2) or with Simple Certificate Enrollment Protocol (SCEP). This command
initiates renewal of the EE certificate using the selected protocol and you can use
the command in conjunction with the set security pki
auto-re-enrollment command for automatic enrollment.
Options
| scep | Enroll end-entity certificate using SCEP protocol |
| cmpv2 | Enroll certificate using CMPv2 protocol |
| ca-profile-name ca-profile-name |
(Optional) CA profile name. |
| certificate-id certificate-id-name |
Name of the local digital certificate. |
| challenge-password | Password used by CA for enrollment and revocation |
| re-generate-keypair |
(Optional) Generate a PKI public/private key pair for the EE certificate. Key generation might take a few seconds. |
| scep-digest-algorithm | Hash algorithm used for SCEP-PKCS7 |
| scep-encryption-algorithm | Encryption algorithm used for SCEP-PKCS7 |
Required Privilege Level
maintenance and security
Output Fields
This command produces no output.
Release Information
Command introduced in Junos OS Release 22.3R1.