Manuals / Xerox / Computer Equipment / Printer

Xerox 1235/DX About HTTP, HTTPS, and SSL/TLS, About Certificates, Device Certificates, See also

Models: 1235DT 1235/DX 4510

1 116
Download 116 pages 5.2 Kb
Page 34
Image 34

Basic Concepts

About HTTP, HTTPS, and SSL/TLS

HTTP (Hyper Text Transfer Protocol) is the protocol used to communicate across the internet between the printer web server and the web browser (clients). Because the data is transmitted in plain text and passwords are only slightly encrypted, it is not secure; the data can be read or intercepted by other people.

HTTPS (Secure Hyper Text Transfer Protocol) is a secure version of HTTP. HTTPS provides authentication and encrypted communication to preserve the confidentiality of your data. Instead of using plain text, HTTPS uses either the SSL (Secure Socket Layer) protocol or the TLS (Transport Layer Security) protocol to encrypt data, thus ensuring reasonable protection from eavesdroppers and man-in-the-middle attacks.

Before using HTTPS, you must set up a certificate and select when to use SSL to encrypt data. You can set the printer to use SSL either to secure web pages that use passwords or to secure all web pages.

See also:

About Certificates on page 4-3

Managing Certificates on page 4-6

Configuring SSL on page 4-7

About Certificates

A certificate is an electronic message containing information about the printer and a digital signature.

Before configuring passwords, set up a certificate and then configure SSL to encrypt data including passwords for maximum security. You can set up a self-signed certificate or download a root-signed certificate, depending on your requirements.

Device Certificates:

A device certificate is stored in the printer and is used to validate the identity of the printer to clients and network servers and to allow encrypted communication. If you do not install a device certificate signed by a Certificate Authority (CA), a default self-signed device certificate is automatically established on the printer when it is needed. A CA signed device certificate is needed to log into the network when using 802.1X EAP authentication with TLS.

Self-Signed Certificates

Setting up a self-signed certificate is a quick and easy way to establish a certificate on the printer. The printer automatically generates a default self-signed certificate when the printer is turned on for the first time. To modify the certificate so it is specific to your printer, use CentreWare IS to enter information about the location of the printer.

While self-signed certificates are safe for most applications and allow data encryption, they do not ensure valid authentication. Self-signed certificates are not necessarily secure because the certificate owner is only confirming his own identify instead of verification by a trusted third party. Although self-signed certificates encrypt the data that is exchanged, they do not prevent man-in-the-middle attacks.

System Administrator Guide

4-3

Page 33 Page 35
Page 34
Image 34
Xerox 1235/DX About HTTP, HTTPS, and SSL/TLS, About Certificates, Device Certificates, Self-SignedCertificates, See also
Page 33 Page 35