show services ssl proxy certificate-cache entries
Syntax
show services ssl proxy certificate–cache entries [detail | summary] <pic-info fpc-slot slot number pic-slot slot-number>
Description
Display information about the entries stored in the SSL proxy certificate cache.
When the CLI is in logical system context mode and you enter an operational-mode command, the output of the command displays information related to the logical system only.
Options
| pic-info fpc-slot slot number pic-slot slot-number | Display the information for the FPC in the specified slot. |
| detail | Display the detail information about the SSL proxy certificate cache entries. |
| summary | Display the summary of the SSL proxy certificate cache entries. |
Required Privilege Level
view
Output Fields
Table 1 lists
the output fields for the show services ssl proxy certificate-cache command. Output fields are listed in the approximate order in which
they appear.
Field Name |
Field Description |
Level of Output |
|---|---|---|
|
Index number of the entry. |
summary, detail |
|
Serial number of the server certificate. |
summary, detail |
|
SSL initiation profile identification number. |
summary, detail |
|
Number of times the CRL updates done till the interdicted certificate is added to the certificate-cache. |
summary, detail |
|
Status of the cache entry. That is—whether the cache entry has expired or not, because the cache entries are valid only for short interval. |
detail |
|
Interdicted certificate details such as type and authentication status. |
detail |
|
Server certificate validation results. |
detail |
|
Certificate reference count. |
detail |
|
Authority that issued the digital certificate, including details of the authority organized using the distinguished name format. |
detail |
|
Details of the digital certificate holder organized using the distinguished name format. |
detail |
Sample Output
command-name
user@host > show services ssl proxy certificate-cache entries summary
Lsys Name : root-logical-system
PIC:fwdd0 fpc[0] pic[0] ------
Cache Entries : 1
Serial number : 0x12345678
SSL-I Profile Id: 1
Num of CRL updates: 0command-name
user@host > show services ssl proxy certificate-cache entries detail
Lsys Name : root-logical-system
PIC:fwdd0 fpc[0] pic[0] ------
Cache entrie : 1
Serial number : 0x12345678
SSL-I Profile Id: 1
Num of CRL updates: 0
Status: Active: Time to expire 570 seconds
Cert Info:
-------------
Interdicted cert type [0x0]: CA issued, Authentication failed
Server cert verification result: unable to get local issuer certificate [0x14]
Cert reference count: 2
Subject: /C=IN/ST=KA/O=XYZ Inc/CN=XYZ Root CA/emailAddress=host@xyz.com
Issuer: /CN=SSL-PROXY:DUMMY_CERT:GENERATED DUE TO SRVR AUTH FAILURE Release Information
Command introduced in Junos OS Release 19.3R1.