Skip to main content

Entrust Datacard SSL/TLS Certificate Installation Instructions - Juniper Secure Access VPN

User-added image
Purpose:
SSL/TLS certificate installation guide
For Juniper Secure Access VPN
User-added image

Skip to Installation

NOTE:
As of November 12, 2024, Entrust introduced a new TLS certificate hierarchy as part of the deployment. The TLS certificate delivery now includes two certificate chains. The delivery of these certificate chains can be in the form of:

  • Individual files. Intermediate 1 (filename: intermediate1.crt ) and Intermediate 2 (filename: intermediate2.crt ) or
  • Concatenate PEM file (filename: CertificateBundle1.pem ) or
  • P7B format file (filename: Certificatebundle.p7b )

Both intermediate/chain certificates must be installed in your environment.


Before you begin...

  • Never share private key files.

  • If you plan on using the same certificate on multiple servers always transfer the private key using a secure method ( e-mail is not considered a secure method of transfer ).

  • Make sure you run the SSL Server Test at the end of the installation process to check your certificate configuration against SSL/TLS Best Practices.

  • For more information on SSL/TLS Best Practices, click here .

Installing your Entrust SSL/TLS Certificate on Juniper Secure Access VPN

1. Click the Download button in the pickup wizard to download your certificate files. Clicking the download button will produce a zip file that includes your Server Certificate, the Entrust chain/intermediate certificates(s) and the Entrust Root certificate. Extract the files from the zip file.

2. In the Juniper administration console, click on System > Configuration > Certificates > Trusted Server CAs.

3. Click Import Trust Server CA.

4. Browse to Root.crt file that you extracted from the zip file in step 1 and click Import Certificate.

5. A message should appear on the screen confirming that the certificate import was successful. Click Done to complete the root certificate import process.

6. In the next set of steps, you must install the chain/intermediate certificate files that were obtained in step 1. In the Juniper administration console, click on System > Configuration > Certificates > Device Certificates.

7. Click the Intermediate Device CAs link at the top of the page.

User-added image

8. Click Import CA Certificate.

9. Browse to the Intermediate.crt file that you extracted from the zip file in Step 1.

NOTE: As of November 12, 2024, the intermediate certificate came with two files: intermediate1.crt and intermediate2.crt. These intermediate/chain certificates must be imported into your server/appliance.

10. A message should appear on the screen confirming that the certificate import was successful. Click Done

11. You are now ready to install your signed SSL/TLS Server Certificate. In the Juniper administration console, click System > Configuration > Certificates > Device Certificates .

13. Under Certificate Signing Requests , click the Pending CSR link that corresponds to the signed certificate from Entrust.

User-added image

14. Under Import signed certificate , browse to ServerCertificate.crt that was obtained in step 1 and click Import .


15. You should see a message confirming that the certificate has been imported successfully. The Server Certificate should appear in the list of Device Certificates. You may need to refresh the appliance for these changes to take effect.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: It is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.

Country

Number

Australia

0011 - 800-3687-7863
1-800-767-513

Austria

00 - 800-3687-7863

Belgium

00 - 800-3687-7863

Denmark

00 - 800-3687-7863

Finland

990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)

France

00 - 800-3687-7863

Germany

00 - 800-3687-7863

Hong Kong

001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)

Ireland

00 - 800-3687-7863

Israel

014 - 800-3687-7863

Italy

00 - 800-3687-7863

Japan

001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)

Korea

001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)

Malaysia

00 - 800-3687-7863

Netherlands

00 - 800-3687-7863

New Zealand

00 - 800-3687-7863
0800-4413101

Norway

00 - 800-3687-7863

Singapore

001 - 800-3687-7863

Spain

00 - 800-3687-7863

Sweden

00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)

Switzerland

00 - 800-3687-7863

Taiwan

00 - 800-3687-7863

United Kingdom

00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088