local-certificate (System)
Syntax
local-certificate name;
Hierarchy Level
[edit system services service-deployment], [edit system services grpc request-response grpc ssl], [edit system ntp nts]
Description
Specify the SSL certificate to use to authenticate the local device for system services, gRPC Remote Procedure Calls (gRPC), and Network Time Security (NTS) using Network Time Protocol (NTP).
Specify the name of a local certificate. There is no
default for local-certificate. The value for
local-certificate should be the same as the name provided
during the import of the certificate. You can import the certificate using the CLI
configuration statement local at the [edit security
certificates] hierarchy level. Alternatively, on supported devices, you
can import the certificate into the Junos public key infrastructure (PKI) by using
the request security pki local-certificate load operational mode
command.
set system ntp nts local-certificate nts-cert to configure local
NTS certificate. The server provides a local certificate and the certificate ID to the
client for verification, that is loaded on to the device during certificate enrollment.
The server must configure the local-certificate. The client verifies the certificate
sent by the server and proceeds with time synchronization if server certificate is
valid. If you load the local certificate in the Junos PKI on supported devices, you must
configure both the local-certificate statement and the
use-pki statement at the same hierarchy level. The
use-pki statement instructs the device to search the PKI
database for local certificates.
Required Privilege Level
admin—To view this statement in the configuration.
admin-control—To add this statement to the configuration.
Release Information
Statement introduced before Junos OS Release 7.4.
Statement introduced for the [edit system services extension-service
request-response thrift] hierarchy level in Junos OS Release 16.1 for
MX80, MX480, MX960, MX2010, MX2020, vMX, and PTX Series.