Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

IKEv2 certificate lookup based on URL is not supported on ScreenOS



Article ID: KB30534 KB Last Updated: 26 Aug 2015Version: 1.0

IKEv2 certificate lookup based on URL is not supported on ScreenOS.


According to RFC 4945, a device can support an implementation (HTTP_CERT_LOOKUP_SUPPORTED) where instead of sending a complete certificate in the payload, a hash and URL where the certificate is stored can be sent to the peer.

This is not a mandatory implementation.


ScreenOS devices do not support this feature. We will always send the entire certificate in the payload.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search