Manualshelf

User guide

ManualsBrandsJuniper ManualsNetworkingSA6500 FIPS
41424344454647484950
CHAPTER 9
Device Certificates
Importing Device Certificates on page 35
Importing Device Certificates
To import a device certificate, generate a CSR from the appliance and then import its
corresponding certificate after it is validated by a CA. Each CSR request generates a new
RSA key pair.
NOTE: Device certificates without a CSR request from the appliance cannot
be imported.
NOTE: The SA Series FIPS appliance is said to be in a disassociated state
when the key store state in the cache and on disk are different. As a security
measure, you cannot create or delete a CSR when the appliance is in a
disassociated state. The options are grayed-out. To resolve a disassociated
state, connect to the serial console and reload the FIPS keystore database
(Option 9 > Sub-option 1).
Related
Documentation
FIPS Overview on page 9
35Copyright © 2012, Juniper Networks, Inc.