Table of Contents
Advertisement
For information on the setting procedure, refer to "Configuration of HTTP Communications Encryption" (P.395).
Encrypting HTTP Communications from the Machine to a Remote Server
The SSL/TLS protocol is used to encrypt the HTTP communications between a remote server
and the machine.
No certificate is required in general. However, if a remote server is set to require an SSL client
certificate, you can use a certificate issued by another CA.
When verification of server certificates is enabled to verify the SSL/TLS certificate of a
remote server, import a certificate issued by another CA using CentreWare Internet Services
to the machine.
When verifying a SSL/TLS server certificate of a remote server with the verification of the
server certificate enabled, import the certificate of the CA included in the higher level of the
certificate path to the machine using CentreWare Internet Services.
Note
Encryption using IPsec
IPsec enables IP-level (not application-level) encrypted communications with remote
devices.
If you select [Authenticate by Digital Signature] for [IKE Authentication Method], a
certificate issued by another CA is required.
If you select [Authenticate by Preshared Key], no device certificate is required.
Note
For information on IKE authentication methods, refer to "IPsec Settings" (P.226).
For information on the setting procedure, refer to "Configuration of Encryption using IPsec" (P.398).
To verify the certificate of the remote device, you must register a root certificate created by
a CA of the remote device on the machine.
Note
E-mail Encryption/Digital Signature
S/MIME is used for E-mail Encryption/Digital Signature. To use S/MIME on the machine, S/
MIME certificates are used.
For an S/MIME certificate, you can use a certificate issued by another CA.
The personal certificates or the device certificates of destinations are required for encrypted
communications.
Note
For information on the setting procedure, refer to "Configuration of E-mail Encryption/Digital Signature" (P.401).
Encryption and Digital-Signature Features for Scan Files
Encrypting PDF/DocuWorks Documents
PDF and DocuWorks documents can be encrypted and protected by a password.
For information on how to encrypt PDF and DocuWorks documents, refer to "5 Scan" > "E-mail" > "File Format (Selecting a
File Format for Output Data)" in the User Guide.
• If the certificate for the SSL client contains the V3 extension "keyUsage", "digitalSignature" must be
asserted. For information on how to check it on Windows, refer to "How to check the certificate
settings on Windows" (P.391).
• If the certificate for IPsec contains the V3 extension (keyUsage), "digitalSignature" bit must be
asserted. For information on how to check it on Windows, refer to "How to check the certificate
settings on Windows" (P.391).
• To use certificates that have already been created, import them with CentreWare Internet Services.
• If the certificate for S/MIME contains an "email Address" or a V3 extension (keyUsage),
"digitalSignature" and "keyEncipherment" must be asserted. If the certificate contains v3 extension
(extendedKeyUsage), "emailProtection" must be set. For information on how to check it on
Windows, refer to "How to check the certificate settings on Windows" (P.391).
Encryption and Digital Signature Overview
13
393
Advertisement
Chapters
Table of Contents
