JunosE 11.2.x IP Services Configuration Guide
ipsec key generate
ipsec key zeroize
organization
218
Use the no version to remove policies. If you do not include a priority number with the
no version, all policies are removed.
NOTE: This command has been replaced by "ipsec ike-policy-rule" on page 217 and may
be removed completely in a future release.
See ipsec isakmp-policy-rule.
Use to generate RSA key pairs. Include a length of either 1024 or 2048 bits. The
generated keys can be used only after the CA issues a certificate for them.
Example
host1(config)#ipsec key generate rsa 2048
Please wait.................................................
..........................
IPsec Generate Keys complete
There is no no version. To remove a key pair, use the ipsec key zeroize command.
See ipsec key generate.
Use to delete RSA key pairs. Include one of the following keywords:
rsa—Removes the RSA key pair from the router
pre-share—Removes all preshared keys from the router
all—Removes all keys within the VR context from the router
Example
host1(config)#ipsec key zeroize rsa
There is no no version.
See ipsec key zeroize.
Use to specify the organization used in the Subject Name field of certificates.
Example
host1(config-ipsec-identity)#organization juniperNetworks
Use the no version to remove the organization name.
See organization.
Copyright © 2010, Juniper Networks, Inc.