NETSCREEN CSR CREATION AND SSL CERTIFICATE INSTALLATION
HOW TO GENERATE A CSR IN JUNIPER NETSCREEN OS 4.0 AND 5.0
- Connect to the WebUI application.
- In the Options menu go to Configuration and select Date/Time.
- Click the 'Sync Clock with Client' button.
- Make sure that the 'Automatically adjust clock for daylight savings changes' is set on your computer and hit 'Yes'.
- In the Options menu go to Network and select DNS.
- In Host Name enter the internal device host name.
- In the Domain Name field, enter the fully qualified domain name used to access the device, and click 'Apply'.
- Now that the clock is set and the Host/Domain names are configured you are ready to start creating your CSR. In the Options menu go to Objects and select Certificates.
- Click the 'New' button and fill out the Certificate Subject Information fields. Under the 'FQDN' (Fully Qualified Domain Name) field, enter the full domain name of your device.
- Click the 'Generate' button.
- Save the Certificate Request (CSR) as a text file.
- Copy and Paste the CSR to the TRUSTZONE certificate orderform.
- After you receive your SSL Certificate from TRUSTZONE, you can install it.
JUNIPER NETSCREEN OS 4.0 AND 5.0 SSL CERTIFICATE INSTALLATION
- In the WebUI Options menu, select Objects and Certificates.
- Load the SSL certificate:
Select the circle to load a 'Cert'. Next to 'Show' select Local. 'Browse' for the SSL certificate (your_domain_name.crt) certificate that you downloaded from your TRUSTZONE Account, and hit Load.
- Load the Intermediate Certificate:
Select the circle to load a 'Cert'. Next to 'Show' select CA. 'Browse' for the Intermediate certificate that you downloaded from your TRUSTZONE Account, and hit Load.
- Load the Root Certificate:
Select the circle to load a 'Cert'. Next to 'Show' select CA. 'Browse' for the Root (TrustedRoot.crt) certificate that you downloaded from your TRUSTZONE Account, and hit Load.
- Verify that your SSL certificate loaded as a 'Local' certificate. The Intermediate and Root certificates should have loaded as CA certificates. If the SSL certificate loaded as a CA certificate something is wrong. This usually happens because the domain is not properly setup on the device. To resolve this you will need to configure the domain name (see CSR creation instructions), create a new CSR for a new certificate, and install the certificate again.
The SSL Certificate installation on your NetScreen Device is now complete.
Last updated: August, 8, 2017