host1(config)#
ipsec key zeroize rsa
■
There is no
no
version.
■
See ipsec key zeroize.
organization
■
Use to specify the organization used in the Subject Name field of certificates.
■
Example
host1(config-ipsec-identity)#
organization juniperNetworks
■
Use the
no
version to remove the organization name.
■
See organization.
Configuring Digital Certificates Using the Online Method
To use the online configuration method to set up digital certificates on the router:
1.
Generate the RSA key pair.
host1(config)#
ipsec key generate rsa 2048
Please wait.................................................
..........................
IPsec Generate Keys complete
2.
In your IKE policy, set the authentication method to RSA signatures.
host1(config)#
ipsec ike-policy-rule 1
host1(config-ike-policy)#
authentication rsa-sig
host1(config-ike-policy)#
exit
NOTE:
For more information about setting up IKE policies, see “Defining an IKE
Policy” on page 156 in “Configuring IPSec” on page 125.
3.
Enter IPSec CA Identity Configuration mode, and specify the name of the
certificate authority.
host1(config)#
ipsec ca identity trustedca1
host1(config-ca-identity)#
4.
Specify the name of the CA issuer.
host1(config-ca-identity)#
issuer-identifier BetaSecurityCorp
5.
Specify the URL of the SCEP server from which the CA certificates and the router's
public certificates is retrieved.
host1(config-ca-identity)#
enrollment url http://192.168.99.105/scepurl
6.
(Optional) Set the sensitivity of how the router handles CRLs.
Configuring Digital Certificates Using the Online Method
■
227
Chapter 8: Configuring Digital Certificates
Summary of Contents for IP SERVICES - CONFIGURATION GUIDE V 11.1.X
Page 6: ...vi...
Page 8: ...viii JUNOSe 11 1 x IP Services Configuration Guide...
Page 18: ...xviii Table of Contents JUNOSe 11 1 x IP Services Configuration Guide...
Page 20: ...xx List of Figures JUNOSe 11 1 x IP Services Configuration Guide...
Page 22: ...xxii List of Tables JUNOSe 11 1 x IP Services Configuration Guide...
Page 28: ...2 Chapters JUNOSe 11 1 x IP Services Configuration Guide...
Page 138: ...112 Monitoring J Flow Statistics JUNOSe 11 1 x IP Services Configuration Guide...
Page 286: ...260 Monitoring IP Tunnels JUNOSe 11 1 x IP Services Configuration Guide...
Page 312: ...286 Monitoring IP Reassembly JUNOSe 11 1 x IP Services Configuration Guide...
Page 357: ...Part 2 Index Index on page 333 Index 331...
Page 358: ...332 Index JUNOSe 11 1 x IP Services Configuration Guide...