Versions Compared

Old Version 3

changes.mady.by.user Jean-luc KRIKER

Saved on

compared with

New Version 4

changes.mady.by.user Jean-luc KRIKER

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...



status

show services ssl proxy status


Code Block
titlestatus
jcluser@JCL-NGFW-30> show services ssl proxy status  
PIC:fpc0 fpc[0] pic[0] ------
        One-Crypto       :  Enable
        Async Crypto     :  disable
Proxy-activation :  Only if interested svcs configured
        Local Logging    :  disable
SSLFP-PKID Link  :  UP
Certificate cache : -
Certificate Cache activated                : yes
Invalidate certificate cache on CRL update : Disabled
Max cert cache nodes  :       4000
Cert cache node in use :          6
Session cache : -
Session cache activated : Activated
Max session cache node  :      19660
Session cache node in use     :         33


statistics

show services ssl proxy statistics


Code Block
titlestatistics
jcluser@JCL-NGFW-30> show services ssl proxy statistics     
PIC:fpc0 fpc[0] pic[0] ------
        sessions matched                                1031
        sessions bypassed:non-ssl                          0
        sessions bypassed:mem overflow                     0
        sessions bypassed:low memory                       0
        sessions created                                1031
        sessions ignored                                  92
        sessions active                                    6
        sessions dropped                                 160
        sessions whitelisted                               0
        whitelisted url category match                     0
        default profile hit                                0
        session dropped no default profile                 0
        policy hit no profile configured                   0




Certificateshttps://www.juniper.net/documentation/en_US/junos/topics/task/troubleshooting/security-ssl-proxy-troubleshooting.html

show services ssl certificate brief certificate-id ssl-fp2

Code Block
titlecertificates
collapsetrue
           
jcluser@JCL-NGFW-30> show services ssl certificate brief certificate-id ssl-fp2 


Lsys Name : root-logical-system

PIC:fpc0 fpc[0] pic[0] ------

CertID                : ssl-fp2
Certificate Type      : LOCAL-CERT
Issuer                : /C=US/ST=CA/L=Sunnyvale/O=Juniper POC/OU=LAB/CN=SRX POC/emailAddress=admi
n@jnpr.net
Subject               : /C=US/ST=CA/L=Sunnyvale/O=Juniper POC/OU=LAB/CN=SRX POC/emailAddress=admi
n@jnpr.net
Validity :
    Not before        : Tue 07/21/2015 12:49:35 AM
    Not after         : Mon 07/16/2035 12:49:35 AM
Public Key algorithm  : rsaEncryption


show services ssl certificate detail certificate-id ssl-fp2


Code Block
titledetails
collapsetrue
jcluser@JCL-NGFW-30> show services ssl certificate detail certificate-id ssl-fp2 


Lsys Name : root-logical-system

PIC:fpc0 fpc[0] pic[0] ------

CertID                : ssl-fp2
Certificate Type      : LOCAL-CERT
cert modify time      : Fri 06/28/2019 02:13:17 PM
key modify time       : Fri 06/28/2019 02:13:17 PM
certificate version   : 3
serial number         : e2 b9 52 41 26 46 c2 90 
Issuer                : /C=US/ST=CA/L=Sunnyvale/O=Juniper POC/OU=LAB/CN=SRX POC/emailAddress=admi
n@jnpr.net
Subject               : /C=US/ST=CA/L=Sunnyvale/O=Juniper POC/OU=LAB/CN=SRX POC/emailAddress=admi
n@jnpr.net
Validity :
    Not before        : Tue 07/21/2015 12:49:35 AM
    Not after         : Mon 07/16/2035 12:49:35 AM
Public Key algorithm  : rsaEncryption
Signature Algorithm   : sha256WithRSAEncryption




...