cancel
Showing results for 
Search instead for 
Did you mean: 

How does SRX210 load the ic.crt file?

zhaoqiang_
Not applicable

How does SRX210 load the ic.crt file?

I want to ask a based question_ I want to connect the IC4500 with SRX210 _They are directed _I use the command

#set services unified-access-control infranet-controller IC4500 address 10.1.1.252
#set services unified-access-control infranet-controller IC4500 port 11122
#set services unified-access-control infranet-controller IC4500 interface ge-0/0/0.0
#set services unified-access-control infranet-controller IC4500 password "juniper"

>request security pki local-certificate load certificate-id ic.crt filename /var/tmp/ic.crt

The ic.crt file was the IC4500 generated.

I want some help And what can i do follow?

1 REPLY 1
winai_r_
Not applicable

Re: How does SRX210 load the ic.crt file?


-----------> ftp certificate to /var/tmp of junos devices

ftp> get cacert.pem
local: cacert.pem remote: cacert.pem
200 PORT command successful.
150 File status OK ; about to open data connection
100% |**************************************************| 1277 00:00 ETA
226 Closing data connection; File transfer successful.
1277 bytes received in 0.00 seconds (1.19 MB/s)
ftp> by
221 Service closing control connection




-----------> set ca profile to use imported certificate

set security pki ca-profile ic-auth ca-identity cacert
set security pki ca-profile ic-auth enrollment retry 10
set security pki ca-profile ic-auth enrollment retry-interval 1800


----------> request ca profile to load/run imported certificate

run request security pki ca-certificate load ca-profile ic-auth filename cacert.pem



-----------> communication between ic and junos device

set services unified-access-control infranet-controller ic4000 address 172.27.130.89
set services unified-access-control infranet-controller ic4000 port 11123
set services unified-access-control infranet-controller ic4000 interface ge-0/0/0.0
set services unified-access-control infranet-controller ic4000 password "$9$nTwm9tOhSeX7V1R7VwYZG69Ap1RcylMLx"
set services unified-access-control infranet-controller ic4000 ca-profile ic-auth
set services unified-access-control timeout 40


----------> verify connectivities between ic and junos device

run show services unified-access-control status