Security

Hi,

I'm looking into AutoVPN's, as documented here:
AutoVPN on Hub-and-Spoke Devices

In the examples, SCEP is used to enrol the local and CA certificates.
Is SCEP required, or is this just one way it can be done?

Could I, for example, get a certificate from Lets Encrypt and enrol it manually?


Thanks

Hi,
1. why the cross/dup post?
2. SCEP is one way, CMP is another Configuring CA and Local Certificates - TechLibrary - Juniper Networks
Regards
Ulf

------------------------------
Ulf Bremer
------------------------------

Original Message:
Sent: 12-09-2020 20:11
From: Unknown User
Subject: AutoVPN and Certificates

Hi,

I'm looking into AutoVPN's, as documented here:
AutoVPN on Hub-and-Spoke Devices

In the examples, SCEP is used to enrol the local and CA certificates.
Is SCEP required, or is this just one way it can be done?

Could I, for example, get a certificate from Lets Encrypt and enrol it manually?


Thanks

The cross-post was to get this question to as many experts as possible. This is a native feature in Elevate now.
Original Message:
Sent: 12-10-2020 03:47
From: Ulf Bremer
Subject: AutoVPN and Certificates

Hi,
1. why the cross/dup post?
2. SCEP is one way, CMP is another Configuring CA and Local Certificates - TechLibrary - Juniper Networks
Regards
Ulf

------------------------------
Ulf Bremer

Original Message:
Sent: 12-09-2020 20:11
From: Unknown User
Subject: AutoVPN and Certificates

Hi,

I'm looking into AutoVPN's, as documented here:
AutoVPN on Hub-and-Spoke Devices

In the examples, SCEP is used to enrol the local and CA certificates.
Is SCEP required, or is this just one way it can be done?

Could I, for example, get a certificate from Lets Encrypt and enrol it manually?


Thanks

Hi
You can use any method you want, as long as you get the certificates installed on the SRX. You can manually copy the certificates direct into the SRX, as opposed to the example SCEP.
Regards 

------------------------------
Maxwell Tsu
------------------------------

Original Message:
Sent: 12-09-2020 20:11
From: Unknown User
Subject: AutoVPN and Certificates

Hi,

I'm looking into AutoVPN's, as documented here:
AutoVPN on Hub-and-Spoke Devices

In the examples, SCEP is used to enrol the local and CA certificates.
Is SCEP required, or is this just one way it can be done?

Could I, for example, get a certificate from Lets Encrypt and enrol it manually?


Thanks

That's fantastic news, thanks!
Original Message:
Sent: 12-10-2020 06:22
From: Maxwell Tsu
Subject: AutoVPN and Certificates

Hi
You can use any method you want, as long as you get the certificates installed on the SRX. You can manually copy the certificates direct into the SRX, as opposed to the example SCEP.
Regards 

------------------------------
Maxwell Tsu

Original Message:
Sent: 12-09-2020 20:11
From: Unknown User
Subject: AutoVPN and Certificates

Hi,

I'm looking into AutoVPN's, as documented here:
AutoVPN on Hub-and-Spoke Devices

In the examples, SCEP is used to enrol the local and CA certificates.
Is SCEP required, or is this just one way it can be done?

Could I, for example, get a certificate from Lets Encrypt and enrol it manually?


Thanks