Scribd Logo
Upload

Welcome to Scribd!

  • Certificate Renewal Global Task Guide: Information Classification

    Uploaded by

    Venkata Suresh
    51 views11 pages

    Original Title

    Certificate Renewal Juniper SRX Final

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    51 views11 pages

    Certificate Renewal Global Task Guide: Information Classification

    Uploaded by

    Venkata Suresh

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 11

    Certificate Renewal

    Global

    Version 1.0

    Task Guide

    Information Classification: Confidential


    Copyright  2022, Sony India Software Centre Pvt. Ltd., Bangalore, All rights reserved.
    SOMC
    Revision History
    Sl Versio Date Author Reviewed Approved Description
    n by by of changes
    0 1.0 26/10/201 Suresh Charlie Nilsson, Original
    1 5 Kaliyan Jeppsson, Alexander Version
    Robin
    Nordlund,
    Vikram
    katti, Vinay
    Kulkarni

    Document Version: 1.0 Page 2 of 11


    Information Classification: Confidential DATE: 26/10/2015
    SOMC

    Contents
    1 Introduction.............................................................................................................................5
    1.1 Purpose...........................................................................................................................5
    1.2 Scope..............................................................................................................................5
    1.3 Prerequisites...................................................................................................................5
    1.4 Audience.........................................................................................................................5
    1.5 Cross-References............................................................................................................5
    1.6 Acronyms and Definitions...............................................................................................5
    1.7 Document Conventions..................................................................................................5
    2 Certificate renewal..................................................................................................................6

    Document Version: 1.0 Page 3 of 11


    Information Classification: Confidential DATE: 26/10/2015
    SOMC

    Table of Figures
    Table 1: Prerequisites.....................................................................................................................5
    Table 2: Acronyms & Definitions....................................................................................................5

    Figure 1: Primary PCP login screen.................................................................................................6


    Figure 2: Secondary PCP login screen.............................................................................................7
    Figure 3: Citrix web application hosted..........................................................................................8
    Figure 4: Authentication popup window........................................................................................8
    Figure 5: Jump station windows server..........................................................................................9
    Figure 13: Start Menu.....................................................................................................................9
    Figure 14: Putty Configuration Window............................................Error! Bookmark not defined.
    Figure 15: Jump station server login page........................................Error! Bookmark not defined.

    Document Version: 1.0 Page 4 of 11


    Information Classification: Confidential DATE: 26/10/2015
    SOMC
    1 Introduction
    1.1 Purpose
    The purpose of this document is used to enable the device to automatically renew
    certificates by online enrollment in Juniper SRX firewall.

    1.2 Scope
    This document is limited to renew the certificates in juniper SRX firewall.

    1.3 Prerequisites
    SL. No: Prerequisites Access Required
    01. PCP Mandatory
    02. Jump station server Mandatory
    03. Old AXP account Mandatory
    04. Putty Mandatory
    Table 1: Prerequisites

    1.4 Audience
    This document will be referred by all SOMC & ISBL team members.

    1.5 Cross-References
     PCP:
    https://pcp.seld.extranet.sonyericsson.com/Citrix/AccessPlatform/login.aspx

     VWP: https://vwp.seld.sonymobile.com/vpn/index.html

    1.6 Acronyms and Definitions


    Terms Definitions
    PCP Partner collaboration portal
    SOMC Sony mobile communication
    URL Universal resource locator
    Table 2: Acronyms & Definitions

    1.7 Document Conventions


    Important information in this document is referred as a NOTE.

    Document Version: 1.0 Page 5 of 11


    Information Classification: Confidential DATE: 26/10/2015
    SOMC
    2 Certificate renewal
    STEP 1:

    Use the below URL to login to PCP Citrix to access the Jump station server. Today we
    have two Citrix solution.

     VWP (Primary)
     PCP (Secondary)

    Primary VWP screenshot is shown below.

    URL: https://vwp.seld.sonymobile.com (Primary)

    Figure 1: Primary PCP login screen

    Secondary server PCP screenshot is shown below.

    URL: https://pcp.seld.extranet.sonyericsson.com (Secondary)


    Document Version: 1.0 Page 6 of 11
    Information Classification: Confidential DATE: 26/10/2015
    SOMC

    Figure 2: Secondary PCP login screen

    NOTE: Both Primary and Secondary uses the below credentials to login.

    STEP 2:

     Username: XP account ID
     Password: AD Password
     PIN +Token: RSA (4 digit PIN) + (6 Digit Token generated PIN)
     Click on Log On

    The below screen appears.

    Document Version: 1.0 Page 7 of 11


    Information Classification: Confidential DATE: 26/10/2015
    SOMC

    Figure 3: Citrix web application hosted

    NOTE: How to start Jump station server?

    We have 2 Jump station servers one is Primary and other one Secondary
    Primary Jump station server: SELDMGT74
    Secondary Jump station server: SELDMGT70.

    STEP 3: Double Click on Primary Jump station server as preferred.

    NOTE: Only if Primary goes down then as a backup we can use secondary Jump station server.
    Most of the time partners will be connected using Secondary Jump station server.

    Authentication popup window appears on the below screen.

    Figure 4: Authentication popup window

    NOTE: AXP ID & Password is required to login to Jumpstation server.


    Contact the Team Lead for Credential.

    The below screenshot shows when we click on Jump station server SELDMGT74.

    Document Version: 1.0 Page 8 of 11


    Information Classification: Confidential DATE: 26/10/2015
    SOMC

    Figure 5: Jump station windows server

    STEP 4: Click on Start  Click on All Programs  Click on Putty as shown below.

    Figure 6: Start Menu

    STEP 5: Enter the IP address or hostname of Jump station server or firewall details to
    access juniper firewall

    NOTE: In SOMC some firewalls are only accessed through Jump station server SELDMGT69 due
    to missing firewalls rules, also we can access any other Juniper SRX firewall through jump station
    server or direct SSH. It is individual to decide which one to use.

    Document Version: 1.0 Page 9 of 11


    Information Classification: Confidential DATE: 26/10/2015
    SOMC

    Figure 7: Putty Configuration Window

    Jump station server login screen appears as shown below.

    Figure 8: SELDMGT69 jump station server login screen

    STEP 7: Login to the jump station server.

     Username: <AXP username>


     Password: <password>
    Document Version: 1.0 Page 10 of 11
    Information Classification: Confidential DATE: 26/10/2015
    SOMC

    STEP 8: Once we login to the jump station server, SSH to juniper firewall.

    Example:

    1. Enter the below command to ssh to the juniper firewall

     SSH <firewall name>


     SSH seldfwav01a

    NOTE: In this example I have selected seldfwav01a to login to the firewall changes as per the
    requirement

    In Juniper SRX environment, we actually use both the old and the new RADIUS accounts.
    It is device specific. (For example; seldfwav01a/b uses the new RADIUS servers while
    semofwad01/02 uses the old RADIUS servers.)

    STEP 9: Enter the below command in order to enable the device to automatically renew
    certificates by online enrollment or loaded manually in juniper SRX firewall.

    1. To enable and configure certificate re-enrollment

     [edit]
    user@host# set security pki auto-re-enrollment certificate-id ca-ipsec ca-
    <profile-name> ca-profile-ipsec challenge-<password-abc> re-enroll-trigger-
    time-percentage 10 re-generate-keypair

     [edit]
    user@host# commit

    2. To verify the configuration

     [edit]
     user@host> show security pki local-certificate detail

    NOTE: Operational mode command.

    ___________________________________________________________________

    Document Version: 1.0 Page 11 of 11


    Information Classification: Confidential DATE: 26/10/2015

    You might also like