Entrust Certificate Services Support Knowledge BaseLast Modified: 2016-07-05 09:23:12.0
How do I create a CSR with 2048 key bit length on a Juniper device?
Article Number: 44802Problem:
You do not have the option to create a 2048 bit length CSR from your Juniper managment interface. This mostly affects Juniper systems 6.x - 6.4
There are 2 options
Option 1: Use OpenSSL command
Generate a key pair, and go to "Configuration -> Certificates -> Device Certificates -> Import Certificate and Key" and import the key file and certificate file (these are stored separately)
Use the CSR to submit your request to Entrust and when the certificate is signed and sent back, import the certificate and key as mentioned above.
An example of the OpenSSL command is:
openssl genrsa -des3 -out "C:\temp\private_key.key" 2048
openssl req -new -key "C:\temp\private_key.key" -out "C:\temp\Entrust.csr"
Option 2: Upgrade Juniper
Please see the "What’s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.5" or contact Juniper Support for further assistance.
- Entrust Certificate Services Advantage Certificates Version Not Applicable Language Not Applicable Platform Not Applicable
- Entrust Certificate Services Extended Validation Certificate Units Version Not Applicable Language Not Applicable Platform Not Applicable
- Entrust Certificate Services Wildcard Certificates Version Not Applicable Language Not Applicable Platform Not Applicable