Juniper IP SERVICES - CONFIGURATION GUIDE V 11.1.X Configuration Manual page 256

JUNOSe 11.1.x IP Services Configuration Guide
ipsec ca enroll
ipsec ca identity
ipsec ike-policy-rule
230
Configuring Digital Certificates Using the Online Method
INFO 10/18/2003 03:45:16 ikeEnrollment (): Received CA certificate for
ca:trustedca1 fingerprint:28:19:ba:76:d8:e0:bb:22:60:cd:b9:2d:dc:b8:58:01
host1(config)#
Use the no ipsec ca identity command for the specified CA, or boot the router
using the factory defaults to remove the CA certificate that was generated during
the online configuration.
There is no no version.
See ipsec ca authenticate.
Use to enroll with the specified CA and to retrieve the router's public key
certificate during online digital certificate configuration. If enrollment is successful,
the CA sends the certificate to the router and logs an ikeEnrollment message is
logged at severity info.
Use the password option, if required by the CA, to access the CA and enable
enrollment.
The CA must be previously declared by the ipsec ca identity command.
Example
host1(config)#ipsec ca enroll trustedca1 My498pWd
host1(config)#INFO 10/18/2003 03:49:33 ikeEnrollment (): Received erx
certificate for ca:trustedca1
host1(config)#
Use the no ipsec ca identity command for the specified CA or boot the router
using the factory defaults to remove the router's public certificate that was
generated during the online configuration.
There is no no version.
See ipsec ca enroll.
Use to specify the CA that the ERX router uses for online certificate requests and
to enter IPSec Identity Configuration mode.
In IPSec Identity Configuration mode you specify information that the router
uses in certificate requests and during negotiations with its peers.
Example
host1(config)#ipsec ca identity trustedca1
host1(config-ipsec-identity)#
Use the no version to remove the identity configuration.
See ipsec ca identity.