Feature Explorer AI 
×
Certificate-based authentication is used during IKE negotiation. In large networks, multiple certificate authorities (CAs) may issue certificates to different devices. Instead of requiring all devices to use a single CA, certificate chains allow verification using a sequence of certificates: the end-entity (device), intermediate CAs, and a root CA. During negotiation, devices can exchange these chains to establish trust. For authentication to succeed, peers must share at least one trusted CA in their chains (not necessarily the root). The total chain length, including all certificates, is limited to 10.
| Product / Application | Software | Introduced Release |
|---|---|---|
| MX5 | Junos OS | 16.1R1 |
| MX10 | Junos OS | 16.1R1 |
| MX40 | Junos OS | 16.1R1 |
| MX80 | Junos OS | 16.1R1 |
| MX104 | Junos OS | 16.1R1 |
| MX204 | Junos OS | 17.4R1 |
| MX240 | Junos OS | 16.1R1 |
| MX480 | Junos OS | 16.1R1 |
| MX960 | Junos OS | 16.1R1 |
| MX2010 | Junos OS | 16.1R1 |
| MX2020 | Junos OS | 16.1R1 |
| MX10003 | Junos OS | 17.3R1 |
| MX10004 | Junos OS | 22.3R1 |
| MX10008 | Junos OS | 18.2R1 |
| MX10016 | Junos OS | 19.2R1 |
| vSRX | Junos OS | 12.1X47-D10 |
| SRX300 | Junos OS | 15.1X49-D35 |
| SRX320 | Junos OS | 15.1X49-D35 |
| SRX340 | Junos OS | 15.1X49-D35 |
| SRX345 | Junos OS | 15.1X49-D35 |
| SRX380 | Junos OS | 20.1R1 |
| SRX550 | Junos OS | 12.1X45-D10 |
| SRX550 HM | Junos OS | 15.1X49-D30 |
| SRX1500 | Junos OS | 15.1X49-D30 |
| SRX1600 | Junos OS | 23.4R1 |
| SRX2300 | Junos OS | 23.4R1 |
| SRX4100 | Junos OS | 15.1X49-D65 |
| SRX4120 | Junos OS | 25.2R1 |
| SRX4200 | Junos OS | 15.1X49-D65 |
| SRX4300 | Junos OS | 24.2R1 |
| SRX4600 | Junos OS | 17.4R2 |
| SRX4700 | Junos OS | 24.4R1-S2 |
| SRX5400 | Junos OS | 12.1X46-D10 |
| SRX5600 | Junos OS | 12.1X45-D10 |
| SRX5800 | Junos OS | 12.1X45-D10 |