Managing Key Pairs and Digital Certificates from a Web Browser
2-25
Ma
na
ging
Job
s
a
nd
Ma
ch
ine
Dat
a
2
Managing Key Pairs and Digital Certificates
from a Web Browser
Key pairs and digital certificates can be used for security purposes, such as
IEEE802.1X port-based authentication and SSL communication.
You can manage key pairs and digital certificates from the Remote UI by dividing
them into the following types:
■
Key and Certificate
In IEEE802.1X port-based authentication, a key pair (or a private key and
certificate) in PKCS#12 format is required for enabling the EAP-TLS method on
the client device. If you want to access the machine securely from a web browser
(Remote UI), generate a key pair and set it for SSL communications. Up to three
key pairs can be registered.
■
CA Certificate
CA certificates are used for verifying the digital certificates sent from other
devices, such as servers, client computers, etc. Up to 10 CA certificates
(including the pre-installed CA certificates) can be registered.
This section focuses on how to install and register key pairs and digital certificates
from a computer on the network. For instructions on how to generate a key pair for
SSL communications, see Chapter 3, “Setting up the Machine for Your Network
Environment,” in the
System Settings Guide
.
IMPORTANT
•
Certificates must meet the following requirements:
- Format: X.509 version 1 or version 3 (DER encoded binary)
- Signature algorithm: SHA1-RSA, SHA256-RSA, SHA384-RSA*, SHA512-RSA*,
MD5-RSA, or MD2-RSA (For CA certificates, SHA1-DSA is also allowed.)
- Key length: 512, 1024, 2048, or 4096 bits (RSA)/2048 or 3072 bits (DSA)
- File extension: ‘.p12’ or ‘.pfx’ (for key pair files)/‘.cer’ or ‘.der’ (for CA certificate files)
* SHA384-RSA and SHA512-RSA are supported only when the key length is 1024 bits or more.
•
The machine does not use certificate revocation list (CRL) for verifying digital
certificates.
•
The Certificate Settings are available only when the Remote UI is in the System
Manager Mode.
Summary of Contents for 1730
Page 2: ...imageRUNNER 1750i 1740i 1730i 1730 Remote UI Guide ...
Page 11: ...x ...
Page 27: ...Viewing the Machine Status and Information 1 16 Introduction to the Remote UI 1 ...
Page 117: ...Verifying SSL Server Certificates 4 40 Customizing Settings 4 ...
Page 118: ...5 1 CHAPTER 5 Appendix This chapter includes the glossary and index Glossary 5 2 Index 5 6 ...
Page 125: ...Index 5 8 Appendix 5 ...