Juniper Networks J6350 Network Router User Manual


 
Obtain an SSL certificate from a trusted signing authority. See Generating SSL
Certificates on page 155.
Generating SSL Certificates
To enable secure Web access, you must first generate a digital SSL certificate, and
then enable HTTPS access on the Services Router.
To generate an SSL certificate:
1.
Enter the following openssl command in your Secure Shell command-line
interface. The openssl command generates a self-signed SSL certificate in the
privacy-enhanced mail (PEM) format. It writes the certificate and an unencrypted
1024-bit RSA private key to the specified file.
% openssl req x509 nodes newkey rsa:1024 keyout filename.pem -out
filename.pem
Replace filename with the name of a file in which you want the SSL certificate
to be writtenfor example, new.pem.
2. When prompted, type the appropriate information in the identification form.
For example, type US for the country name.
3.
Display the contents of the file new.pem.
cat new.pem
Copy the contents of this file for installing the SSL certificate.
You can use either J-Web Quick Configuration or a configuration editor to install the
SSL certificate and enable HTTPS.
Configuring Secure Web Access
Navigate to the Secure Access Quick Configuration page by selecting
Configuration>Quick Configuration>Secure Access. On this page, you can enable
HTTP and HTTPS access on interfaces for managing Services Routers through the
Web interface. You can also install SSL certificates and enable JUNOScript over SSL
with the Secure Access page.
Figure 72 on page 156 shows the Secure Access Quick Configuration page.
Configuring Secure Web Access 155
Chapter 8: Configuring Secure Web Access