Configuring the Key and Certificate for TLS
You can encrypt communication between the machine and a Web browser on the computer by using Transport Layer Security (TLS). TLS is a mechanism for encrypting data sent or received over the network. TLS must be enabled when the Remote UI is used for specifying settings for IPSec (Pre-Shared Key Method), IEEE 802.1X authentication (TTLS/PEAP), or SNMPv3. To use TLS encrypted communication for the Remote UI, you need to specify a "key and certificate" (server certificate) you want to use before enabling TLS. Generate or install the key and certificate for TLS before enabling TLS.
Configuring the Key and Certificate for TLS: Firmware Main Controller Version: Ver. 05.49 or Earlier
1
Start the Remote UI and log in to System Manager Mode.
Starting Remote UI
2
Click [Settings/Registration] on the Portal page.
Remote UI Screen
3
Select [Network Settings]
[TLS Settings].
4
Click [Key and Certificate].
5
Click [Register Default Key] on the right of the key and certificate you want to use.
Viewing details of a certificate
You can check the details of the certificate or verify the certificate by clicking the corresponding text link under [Key Name], or the certificate icon.
6
Select [License/Other]
[Remote UI Settings].
7
Click [Edit].
8
Select the [Use TLS] check box and click [OK].
9
Restart the machine.
Turn OFF the machine, wait for at least 10 seconds, and turn it back ON.
|
Using the operation panel
You can also enable or disable TLS encrypted communication from <Menu> in the Home screen. <Remote UI>
Starting the Remote UI with TLS
If you try to start the Remote UI when TLS is enabled, a security alert may be displayed regarding the security certificate. In this case, check that the correct URL is entered in the address field, and then proceed to display the Remote UI screen. Starting Remote UI
Using TLS to encrypt e-mail/I-Fax communication
If the SMTP server and the POP3 server support TLS, you can enable TLS for communication with these servers ( Configuring E-Mail/I-Fax Communication Settings). For more information about the SMTP server and the POP3 server, contact your Internet service provider or Network Administrator.
Limiting the TLS version
Select [Allowed Versions] on the [TLS Settings] page of Remote UI, and specify the upper limit and lower limit.
|
Configuring the Key and Certificate for TLS: Firmware Main Controller Version: Ver. 05.50 or Later
1
Start the Remote UI and log in to System Manager Mode.
Starting Remote UI
2
Click [Settings/Registration] on the Portal page.
Remote UI Screen
3
Select [Network Settings]
[TLS Settings].
4
Click [Key and Certificate].
5
Click [Register Default Key] on the right of the key and certificate you want to use.
Viewing details of a certificate
You can check the details of the certificate or verify the certificate by clicking the corresponding text link under [Key Name], or the certificate icon.
6
Click [Edit].
7
Configure detailed TLS settings.
[Allowed Versions]
Specify [Maximum Version] and [Minimum Version] of TLS.
[Algorithm Settings]
Select the check box for the encryption algorithm to use for TLS.
8
Click [OK].
9
Select [License/Other]
[Remote UI Settings].
10
Click [Edit].
11
Select the [Use TLS] check box and click [OK].
12
Restart the machine.
Turn OFF the machine, wait for at least 10 seconds, and turn it back ON.
|
Using the operation panel
You can also enable or disable TLS encrypted communication from <Menu> in the Home screen. <Remote UI>
Starting the Remote UI with TLS
If you try to start the Remote UI when TLS is enabled, a security alert may be displayed regarding the security certificate. In this case, check that the correct URL is entered in the address field, and then proceed to display the Remote UI screen. Starting Remote UI
Using TLS to encrypt e-mail/I-Fax communication
If the SMTP server and the POP3 server support TLS, you can enable TLS for communication with these servers ( Configuring E-Mail/I-Fax Communication Settings). For more information about the SMTP server and the POP3 server, contact your Internet service provider or Network Administrator.
|
LINKS