Entrust Datacard

Entrust Certificate Services Support Knowledge Base

Last Modified: 2016-09-07 15:42:23.0

SSL/TLS Certificate Installation Instructions - Juniper Secure Access VPN

Article Number: 46514

Entrust Certificate Services Support Knowledge Base

Audience: General
Last Modified: 2015-11-25 15:37:51.0

TN 8251 - SSL/TLS Certificate Installation Instructions - Juniper Secure Access VPN

Before you begin
  • Never share private key files. 
  • If you plan on using the same certificate on multiple servers always transfer the private key using a secure method (e-mail is not considered a secure method of transfer).
  • Make sure you run the SSL Server Test at the end of the installation process to check your certificate configuration against SSL/TLS Best Practices.
  • For more information on SSL/TLS Best Practices, click here.

 

Installing your Entrust SSL/TLS Certificate on Juniper Secure Access VPN

 

1. Click the Download button in the pickup wizard to download your certificate files. Clicking the download button will produce a zip file that includes your Server Certificate, the Entrust chain/intermediate certificates(s) and the Entrust Root certificate. Extract the files from the zip file.

2. In the Juniper administration console, click on System > Configuration > Certificates > Trusted Server CAs.

3. Click Import Trust Server CA.

4. Browse to Root.crt file that you extracted from the zip file in step 1 and click Import Certificate.

5. A message should appear on the screen confirming that the certificate import was successful. Click Done to complete the root certificate import process.

6. In the next set of steps, you must install the chain/intermediate certificate files that were obtained in step 1. In the Juniper administration console, click on System > Configuration > Certificates > Device Certificates.

7. Click the Intermediate Device CAs link at the top of the page.

8. Click Import CA Certificate. 

9. Browse to the Intermediate1.crt file that you extracted from the zip file in Step 1.

10. A message should appear on the screen confirming that the certificate import was successful. Click Done

11. Important! Repeat steps 6-10 if your zip file included a second intermediate/chain certificate named Intermediate2.crt. If this was provided in the zip file, it must be imported to complete the full certificate chain.

12. You are now ready to install your signed SSL/TLS Server Certificate. In the Juniper administration console, click System > Configuration > Certificates > Device Certificates.

13. Under Certificate Signing Requests, click the Pending CSR link that corresponds to the signed certificate from Entrust.

 

14. Under Import signed certificate, browse to ServerCertificate.crt that was obtained in step 1 and click Import.

15. You should see a message confirming that the certificate has been imported successfully. The Server Certificate should appear in the list of Device Certificates. You may need to refresh the appliance for these changes to take effect.

 

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable

TN8251

Affected Products:

  • Entrust Certificate Services 1 Year Advantage SSL Certificate Version Not Applicable Language Not Applicable Platform Not Applicable