Manuals / Xerox / Computer Equipment / Printer

Xerox 6300, 6350, 8500, 8550 About HTTP, HTTPS, and SSL/TLS, About Certificates, Basic Concepts

Models: 6300, 6350, 8500, 8550

1 86
Download 86 pages 41.78 Kb
Page 32
Image 32

Basic Concepts

About HTTP, HTTPS, and SSL/TLS

HTTP (Hyper Text Transfer Protocol) is the protocol used to communicate across the internet between the printer web server and the web browser (clients). Because the data is transmitted in plain text and passwords are only slightly encrypted, it is not secure; the data can be read or intercepted by other people.

HTTPS (Secure Hyper Text Transfer Protocol) is a secure version of HTTP. HTTPS provides authentication and encrypted communication to preserve the confidentiality of your data. Instead of using plain text, HTTPS uses either the SSL (Secure Socket Layer) protocol or the TLS (Transport Layer Security) protocol to encrypt data, thus ensuring reasonable protection from eavesdroppers and man-in-the-middle attacks.

Before using HTTPS, you must set up a certificate and select when to use SSL to encrypt data. You can set the printer to use SSL either to secure web pages that use passwords or to secure all web pages.

See also:

About Certificates on page 4-3

Setting Up a Certificate on page 4-6

Configuring SSL on page 4-7

About Certificates

A certificate is an electronic message containing information about the printer and a digital signature. A certificate is stored in the printer and is used to validate the identity of the printer to clients and network servers and to allow encrypted communication.

Before configuring passwords, set up a certificate and then configure SSL to encrypt data including passwords for maximum security. You can set up a self-signed certificate or download a root-signed certificate, depending on your requirements.

See also:

Self-Signed Certificates on page 4-3

Root-Signed Certificates on page 4-4

Self-Signed Certificates

Setting up a self-signed certificate is a quick and easy to establish a certificate on the printer. The printer automatically generates a default self-signed certificate when the printer is turned on for the first time. To modify the certificate so it is specific to your printer, use CentreWare IS to enter information about the location of the printer.

While self-signed certificates are safe for most applications and allow data encryption, they do not ensure valid authentication. Self-signed certificates are not necessarily secure because the certificate owner is only confirming his own identify instead of verification by a trusted third party. Although self-signed certificates encrypt the data that is exchanged, they do not prevent man-in-the-middle attacks.

System Administrator Guide

4-3

Page 31 Page 33
Page 32
Image 32
Xerox 6300, 6350, 8500, 8550 About HTTP, HTTPS, and SSL/TLS, About Certificates, Self-SignedCertificates, Basic Concepts
Page 31 Page 33