Junos OS

Hey Guys, 

I'm having issues installing the ca and local certificate? Have you encountered this issues? Im using der format , is should be supported right?

Web  forum has little to no information about this error, so need to gather more details. 

CA Certificate:

root@xxxxx> ...-profile CA_240508 filename /var/tmp/ca_20240520.der
Fingerprint:
  <Find prints cut>
Do you want to load this CA certificate ? [yes,no] (no) yes

error: Failed to write the CA certificate to local store

Local Certificate Installation:

root@xxxx> ...001x203 filename /var/tmp/0813001x203_20240520.der
error: error load certid<0813001x203>

I fixed the CA Cert renew by removing the current CA certificate and loading the new one again. however is still persist for local certificate.

Any idea? Should I create a new Certificate-id? 

Hello,

I have stumbled across this issue just a few weeks ago.

It is difficult to find detailed instructions on Juniper documentation for installing local certificates.

You can find hints on what you need to do here:

Importing SSL Certificates for Junos XML Protocol Support | Junos OS | Juniper Networks

My purpose was setting the device up for Telemetry and this guide helped a lot:

dave.dev - Configuring SSL for gRPC on Junos

In summary, you need to prepare a file that includes the device certificate and its private key.

I have succeeded in that using PEM format (not mentioned in the Juniper link above). Not sure if DER will work.

If the private key is using a passphrase keep it handy because you will need it during the import.

I wish Juniper had more clear instructions on this matter.

Hope this helps,

Alexandros