Installing the Client Certificate on the SAE

[Contents] [Prev] [Next] [Report an Error] [No Frames]

SDX 6.4.0 Release Notes > Installing the Client Certificate on the SAE
Installing the Client Certificate on the SAE
The SAE needs a copy of the certificate that was used to sign the client (router) certificate. The certificate should be in the form of a file named ca.pem. To add the certificate to the SAE keystore, use the openssl command to create the keystore, and import the client (router) certificate into the keystore. For example:
openssl pkcs12 -export -in sae.pem -certfile -ca.pem -out 
keystore/keystore.pkcs12 -password pass:<password>
The value for -out must match the value of the Keystore Location field in the JUNOS router driver.

The <password> must match the value of the Keystore Password field in the JUNOS router driver.

See Configuring the Keystore for TLS Certificates and Keys.

To view the contents of the keystore:
openssl pkcs12 -info -in keystore.pkcs12

[Contents] [Prev] [Next] [Report an Error] [No Frames]