CSR generation on Juniper Secure Access VPN

  • Apr 20, 2023

To generate a CSR (Certificate Signing Request) on a Juniper Secure Access VPN, you can follow these steps:

Step 1: Generating your CSR:
  1. Log in to the Juniper Secure Access VPN web interface as an administrator.
  2. Navigate to the Configuration tab and select Certificates.
  3. Click the Generate button to create a new CSR.



  4. Enter the required information for the CSR, such as the common name (CN), organization (O), and country (C).
    1. Common Name: The fully-qualified domain name, or URL, you're securing. for example " www.domain.com". If you are requesting a Wildcard certificate, add an asterisk (*) to the left of the common name where you want the wildcard, for example *.domain.com.
    2. Organization Name: If the company or department has an &, @, or any other symbol using the shift key in its name, the symbol must be spelled out or omitted, in order to enroll. Example: XY & Z Corporation would be XYZ Corporation or XY and Z Corporation.
    3. Organizational Unit: The Organizational Unit (OU) field is the name of the department or organization unit making the request. To skip the OU field, press Enter on the keyboard.
    4. Locality or City: The Locality field is the city or town name, for example: Boston. Do not abbreviate. For example: Saint Louis, not St. Louis
    5. State or Province: Spell out the state completely; do not abbreviate the state or province name, for example: Massachusetts
    6. Country Name: Use the two-letter code without punctuation for country, for example: US or CA.
  5. Select the appropriate key size and signature algorithm for the CSR.
  6. Click the Generate button to create the CSR.



  7. The generated CSR will be displayed on the screen. You can copy the CSR and paste it into a text editor to save it as a .csr file.



  8. Submit the CSR to a certificate authority (CA) to have it signed and obtain a certificate.
  9. Once you have received the signed certificate, you can upload it to the juniper VPN by going to the configuration > Certificates > Server Certificates > Import.
  10. Finally, you need to bind the certificate to the VPN. Go to the Configuration > Certificates > SSL VPN and select the certificate that you just imported. 

Sections