Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
What version of X.509 certificates are supported (V1 or V3)?
Juniper Networks supports both versions of X.509 certificates. However, you must use V3 if you want to use the SubjectAlternativeName extension field for a non-DN (distinguished name) Internet Key Exchange (IKE) ID type (for example, IP address, e-mail address, or fully qualified domain name [FQDN]).
For more information, see Understanding Certificates and PKI