authenticity of the web site depends on verifying a “chain of trust” between the browser and server; the failure of the chain of trust results in the warnings.
The chain of trust between the browser and the web server is established by linking the identity certificate from the web server to a Certificate Authority (CA) certificate that is installed in the browser. Commercial and public web sites will purchase and install an identity certificate from a well-known Certificate Authority such as Thawte, Verisign, Entrust etc; the issuing CA essentially makes a statement, with the certificate, that the web site is genuine. Browsers are configured by default to trust the well-known CAs and thus can establish the validity of the identity certificates presented by the web servers.
An HP Laserjet cannot, by default, present credentials as robust as the identity certificates presented by a public or commercial web site. First it is a matter of scale: the logistics and expense of providing robust (signed by well-known CA) identity certificates for hundreds of thousands of devices is prohibitive. Secondly, it is a matter of configuration: since the identity of an HP Laserjet is determined by the user at installation, a certificate cannot be issued until after installation and configuration.
HP Laserjet printers and MFPs, nevertheless, assure the best possible security given these constraints by creating a default self-signedcertificate which assures confidentiality but does not robustly provide authenticity. (A self-signedcertificate, rather than issued by a CA, is issued by the device itself, and thus cannot establish a chain of trust to a well-known CA.)
If desired, an HP Laserjet can be configured to provide both robust confidentiality and authenticity by purchasing and installing an identity certificate from a well-known CA. The HP Laserjet will generate a Certificate Signing Request (or equivalently, Certificate Request) that is submitted, along with supporting identity documentation, to the CA which will return a signed certificate to be installed in the HP Laserjet. This process is detailed on pages 88ff. of the JetDirect Administrator’s Guide (http://h20000.www2.hp.com/bc/docs/support/SupportManual/c01502097/c01502097.pdf).
Alternatively, if security is not required, secure web communications can be disabled on the Mgmt Protocols page of the JetDirect print server by unchecking the checkbox:
HP does not recommend disabling (unchecking) this feature.
