Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

How to configure HTTPS for SRX with generating your own SSL certificate



Article ID: KB15201 KB Last Updated: 25 Jun 2020Version: 4.0

Generate your own SSL certificate and configure HTTPS for SRX.


Below is an example of generating your own SSL certificate for the SRX with HTTPS management:

  1. Generate a certificate named "test01.pem" on a Linux server with OpenSSL installed. (Note: A key size of 2048 bytes or larger is recommended if PCI DSS compliance is needed.  Additionally, Firefox browsers will not accept SSL keys < 2048.)
    bash-2.05b$ openssl req -x509 -nodes -newkey rsa:2048 -keyout test01.pem -out test01.pem

  2. Copy file "test01.pem" to the SRX in the config directory /config/test01.pem.
    root@JTAC-24F% cd /config/
    root@JTAC-24F% ls -l test01.pem
    -rw-r--r-- 1 root wheel 2083 Jan 21 09:51 test01.pem

  3. Configure the security option, specifying the cert-name as "test01".
    user@srx# set security certificates local test01 load-key-file /config/

  4. Configure HTTPS web-management with the "test01" certificate.
    user@srx# set system services web-management https local-certificate test01
    user@srx# set system services web-management https interface ge-0/0/0.0
    user@srx# set system services web-management https port 443

  5. Configure the interface IP address, if not done already.  
Modification History:
2020-06-25: Article reviewed for accuracy; no changes required.

Related Links

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search