HP 250m Print Server for Fast Ethernet, 250m Print Server - Fast Ethernet IE7 Certificate Error

Page 11

Figure 13 – IE7 Certificate Error 2

Notice the red URL and the “Certificate Error” message. Essentially, to go back to our story, Internet Explorer 7 is effectively saying “You may be at a fake ATM machine!”

The big question is “How can digital certificates help me determine that I’m going to the right website?” Well, there are two main components around digital certificates – the digital certificate issuer (Issued by:) and the holder of the digital certificate (Issued to:). A useful analogy is to think of the certificate issuer like a Department of Motor Vehicles (DMV). Each state in the United States has a DMV run by the state’s government. The DMV issues driver’s licenses which grant the privilege to drive in a given state. A person that goes to the DMV to get a driver’s license must pass a series of tests that helps the DMV determine if they are fit to drive on the state’s roads. The state’s Highway Patrol, a group which enforces the rules of the road, recognizes the validity of the DMV to issue driver’s licenses. Therefore, if one violates one of the rules of the road and is pulled over by a Highway Patrol officer, showing a driver’s license issued by the DMV is a requirement. The Highway Patrol will not recognize a driver’s license issued by an institution other than the DMV as being valid. In short, the DMV is a trusted third party that issues “certificates” (driver’s licenses) to individuals. These “certificates”, issued by the DMV, are trusted by the Highway Patrol. Essentially, the Highway Patrol, the DMV, and the licensed driver are the participants in a Driver’s License Infrastructure or DLI. Let’s move back to digital certificates and talk about a Public Key Infrastructure.

11

Image 11
Contents Introduction WhitepaperHttp Application What is SSL/TLS?Application Changes Https DecodedHttp Session More Info Https Session Lock Icon Certificate Details IE6 Security Alert Digital CertificatesIE7 Certificate Error IE7 Certificate Error Certificate Information Public Key Infrastructure and Public Key Certificate BasicsSymmetric Cryptography Asymmetric Cryptography Digital Signature Digital Signature Verification Certificate Authority Public Key Certificates Self-Signed Certificate SSL/TLS Protocol Structures SSL/TLS Protocol BasicsClient Hello Server Hello Server Certificate Verification Keying Material Client Finished Server Finished Using Https with HP JetdirectCA Heirarchy Network Diagram Page Page Under the heading Jetdirect Certificate, press Configure… Page Page Page Page Page Page Page Page Page Page Page Save it Go to Tools and click Internet Options Click Certificates Click Import… Click Next Select the file Click Next Page Page Page Page Page Detailed Look at the SSL/TLS Connection Page Page Page Page Check for server certificate revocation is not selected Page Page SSL/TLS Server Settings HP Jetdirect as an SSL/TLS Client Page Page Page Page Select R2 and hit Export… Click Next Select DER. Click Next Save it Save it Click Finish Page Select the file. Click Finish Click OK Page Same message. What did we do wrong? Page Page We use the DNS name and try again Success Page CA Hierarchy SSL/TLS Client Understanding Certificate ChainsPage RootCA Incorrect HP Jetdirect CA Configuration Correct HP Jetdirect CA Configuration Walking the Chain SSL/TLS Client Certificates and Name Verification Subject SubjectAltName Page Page Page IPP over SSL/TLS Click Next Select a network printer… Page Page Print a test Yep we have our print data protected by SSL/TLS Embedded Devices and Digital Certificates HP Jetdirect Certificate GuidelinesSummary Which HP Jetdirect Products Support SSL/TLS?