Generating ssl certificates, Configuring secure web access – Juniper Networks J-series Services Router J2320 User Manual
Page 177
■
Obtain an SSL certificate from a trusted signing authority. See “Generating SSL
Certificates” on page 155.
Generating SSL Certificates
To enable secure Web access, you must first generate a digital SSL certificate, and
then enable HTTPS access on the Services Router.
To generate an SSL certificate:
1.
Enter the following
openssl
command in your Secure Shell command-line
interface. The
openssl
command generates a self-signed SSL certificate in the
privacy-enhanced mail (PEM) format. It writes the certificate and an unencrypted
1024-bit RSA private key to the specified file.
% openssl req –x509 –nodes –newkey rsa:1024 –keyout filename.pem -out
filename.pem
Replace
filename
with the name of a file in which you want the SSL certificate
to be written—for example,
new.pem
.
2.
When prompted, type the appropriate information in the identification form.
For example, type
US
for the country name.
3.
Display the contents of the file
new.pem
.
cat new.pem
Copy the contents of this file for installing the SSL certificate.
You can use either J-Web Quick Configuration or a configuration editor to install the
SSL certificate and enable HTTPS.
Configuring Secure Web Access
Navigate to the Secure Access Quick Configuration page by selecting
Configuration>Quick Configuration>Secure Access. On this page, you can enable
HTTP and HTTPS access on interfaces for managing Services Routers through the
Web interface. You can also install SSL certificates and enable JUNOScript over SSL
with the Secure Access page.
Figure 72 on page 156 shows the Secure Access Quick Configuration page.
Configuring Secure Web Access
■
155
Chapter 8: Configuring Secure Web Access