Before you begin, Generating ssl certificates – Juniper Networks J4350 User Manual

Configuring Secure Web Access

Before You Begin

Before you begin initial configuration, complete the following tasks:

Establish basic connectivity. See “Establishing Basic Connectivity” on page 93.

Obtain an SSL certificate from a trusted signing authority. See “Generating SSL
Certificates” on page 117.

Generating SSL Certificates

To enable secure Web access, you must first generate a digital SSL certificate,
and then enable HTTPS access on the Services Router.

To generate an SSL certificate:

1.

Enter the following

openssl

command in your Secure Shell command-line

interface. The

openssl

command generates a self-signed SSL certificate in

the privacy-enhanced mail (PEM) format. It writes the certificate and an
unencrypted 1024-bit RSA private key to the specified file.

% openssl req –x509 –nodes –newkey rsa:1024 –keyout filename .pem -out filename .pem

Replace

filename

with the name of a file in which you want the SSL certificate

to be written—for example,

new.pem

.

2.

When prompted, type the appropriate information in the identification form.
For example, type

US

for the country name.

3.

Display the contents of the file

new.pem

.

cat new.pem

Copy the contents of this file for installing the SSL certificate.

Use can use either J-Web Quick Configuration or a configuration editor
to install the SSL certificate and enable HTTPS.

Configuring Secure Web Access with Quick Configuration

Use the Secure Access Quick Configuration page to enable HTTP and HTTPS access
on interfaces for managing Services Routers through the Web interface. You can also
install SSL certificates and enable JUNOScript over SSL with the Secure Access page.

Figure 37 shows the Secure Access Quick Configuration page.

Configuring Secure Web Access with Quick Configuration

117