nanog mailing list archives

Re: juniper vpn

From: Edward Dore <edward.dore () freethought-internet co uk>
Date: Wed, 28 Nov 2012 22:03:47 +0000

Assuming that it's a binary DER encoded x509 certificate, you can use OpenSSL to convert it to a base64 encoded PEM 
certificate with:

openssl x509 -inform DER -in <file> -outform PEM -out <file>

Edward Dore 
Freethought Internet 

On 28 Nov 2012, at 21:19, Jeroen van Aart wrote:

On 11/27/2012 07:27 PM, Owen DeLong wrote:

Do you want one for IPSEC or for the SSL VPN Appliance that Juniper is pushing nowadays?


I just checked, the script i am looking at calls the ncscv tool which I believe is made by juniper? It needs amongst 
other things an ssl certificate. So I presume it's using the latter.

This tool/script did download a certificate, however it appears to be a binary file, not the usual plain text file. 
Is there a way to retrieve the plaintext one or extract it from the binary file? Using "file" identifies it as a data 
file.

Thanks,
Jeroen

-- 
Earthquake Magnitude: 4.8
Date: Wednesday, November 28, 2012 18:05:30 UTC
Location: Catamarca, Argentina
Latitude: -27.8486; Longitude: -66.4048
Depth: 154.40 km

Current thread:

juniper vpn Jeroen van Aart (Nov 27)
- Re: juniper vpn Gregori Parker (Nov 27)
- Re: juniper vpn Cody Rose (Nov 27)
  - Re: juniper vpn Jeroen van Aart (Nov 28)
- Re: juniper vpn Owen DeLong (Nov 27)
  - Re: juniper vpn james jones (Nov 27)
    - Re: juniper vpn Steve Haavik (Nov 28)
  - Re: juniper vpn Jeroen van Aart (Nov 28)
    - Re: juniper vpn Edward Dore (Nov 28)
    - Re: juniper vpn Jeroen van Aart (Nov 28)