Switching

last person joined: 19 hours ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.

  • 1.  EX SSL Certificate

    Posted 06-11-2009 10:58

    Hi,

     

    I'm running 9.5 on our lab boxes and trying to enable HTTPS.  I was unable to use the "openssl" command to create the certificate from the shell like it mentions in the JUNOS guide.  However, I was able to accomplish this from another Linux box.  When I import the certifcate, enable on interface, and commit, all is OK.  However, I still can't connect using HTTPS.

     

    Thoughts?  Thank you.

     

    -John



  • 2.  RE: EX SSL Certificate
    Best Answer

    Posted 06-11-2009 11:07

    Not sure if this will help - but this is a quick recap of my notes on certs for JUNOS-ES - 

     

    1- Create a cert using whatever tool - I personally use Openssl.

    2- Ftp the cert to your router

    3- Install the cert onto the box -

     

    set security certificates local jcert.pem new load-key-file jcert.pem (where jcert.pem is the name of the file containing the RSA key and cert data)

     

    This command loads and activates the cert on the box.

     

    4- Then set the https service on:

     

    set web-management https local-certificate jcert.pem interface ge-0/0/3.0 .......


  • 3.  RE: EX SSL Certificate

    Posted 06-11-2009 12:55

    Hi Kevin,


    That did the trick.  Shame on me for following the J-Web approach in the guide.  I think my issue was related to the copy and pasting of the cert into the UI.  I went through the CLI and it worked like a charm.  Thanks again.

     

    -John