SSL VPN
Reply
Contributor
quartino
Posts: 15
Registered: ‎02-16-2009
0

install existing ssl certificate

Hi,

we just bought a Juniper SA 2500, now we want to install our existing certificate.

the certificate we have is a mail that contains the certificate in this way

 

-----BEGIN CERTIFICATE-----

fashjkflhajkfhajkfhasdhfjasdfh........

-----END CERTIFICATE-----



How can we import this certificate in our Juniper?

If we try to import we get that it should be a PEM or PCKS12 format.....

Thank you.

 

 

Distinguished Expert
firewall72
Posts: 826
Registered: ‎05-04-2008
0

Re: install existing ssl certificate

Hi,

 

I would try copying the cert into a text file and save it with the .cer extension.  Then import into the SA.  Be sure to copy the "begin..." and "end..." rows as well.

 

 

John Judge
JNCIS-SEC, JNCIS-ENT,

If this solves your problem, please mark this post as "Accepted Solution". Kudos are appreciated.
Recognized Expert
Kita
Posts: 477
Registered: ‎12-23-2010
0

Re: install existing ssl certificate

Hello Quartino,

 

Did you generate the certificate signing request (CSR) from the SA device?  If so, you'll want to go to the pending request and install the certificate using the import option.  You can simply copy and paste the content from the email and place it in a text file, then browse to the file.  If the CSR was not generated from the SA device, you'll need to the private key (which generated the CSR file) and the public key (the one from the email) and use the Import Certificate & Key option.

Contributor
quartino
Posts: 15
Registered: ‎02-16-2009
0

Re: install existing ssl certificate

Hi Kita,

Actually I found the certificate but it's on format *.cert, if I try to install on the Juniper I get the error message "could not read certificate format".

I have the public key (the one from the email), the private key is the CSR I created from the Juniper at the time I asked for the certificate?

Moderator
Brij
Posts: 14
Registered: ‎10-09-2008
0

Re: install existing ssl certificate

Which IVE OS version is running on the  SA device?

Moderator
zanyterp
Posts: 2,300
Registered: ‎11-19-2007
0

Re: install existing ssl certificate

Yes, you are correct.

 

If the CSR is still present on the unit, you will go into the CSR and import the .cert file. If you saved it off, you will import it using the standard import mechanism and choose both files (key and cert)

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.