Home
System management
Documents under this category provide information about configuring basic system functions and components on SR-series routers. This includes system and interface configuration, as well as licensing.
System Management Guide
This guide describes system security features, SNMP and NETCONF features, and event and accounting logs; the guide also covers basic tasks such as configuring management access filters, passwords, and user profiles.
Public key infrastructure
X.509v3 certificate overview
CA chain computation

System management
Documents under this category provide information about configuring basic system functions and components on SR-series routers. This includes system and interface configuration, as well as licensing.
- Basic System Configuration Guide
  This guide describes file system management, boot option file (BOF) configuration, basic system management configuration, node timing, and synchronization functions.
- Interface Configuration Guide
  This guide describes how to provision Input/Output Modules (IOMs), XMA Control Modules (XCMs), Media Dependent Adapters (MDAs), XRS Media Adapters (XMAs), connectors, and ports.
- Pay-as-you-Grow Licensing Guide
- Router Configuration Guide
  This guide dscribes logical IP routing interfaces and associated attributes such as IP addresses, as well as IP and MAC-based filtering, Virtual Router Redundancy Protocol (VRRP), and cflowd.
- System Management Guide
  This guide describes system security features, SNMP and NETCONF features, and event and accounting logs; the guide also covers basic tasks such as configuring management access filters, passwords, and user profiles.

CA chain computation

In case of verifying a certificate with a CA or a chain of CAs, the system needs to identify the issuer CA of the certificate in question. The SR OS looks through all configured ca-profiles to find the issuer CA. The following is the method system used to find the issuer CA:

The issuer CA’s certificate subject must match the issuer field of the certificate in question.
If present, the authority key identifier of the certificate in question must match the subject key identifier of the issuer CA’s certificate.
If present, the key usage extension of the issuer CA’s certificate must permit certificate signing.

November 20, 2023

CA chain computation

For consumers

For business

Innovation

About us

Contact and support