12 Encryption and Digital Signature Settings
Configuration of Encryption using IPSec
This section describes how to encrypt communication using IPSec.
When the IKE authentication method is set to [Authenticate by Preshared Key], skip
Step 1 "Import and Configuration of a Certificate" and go to Step 2 "Configuration on
the Machine (Configuration of IPSec)".
For the available IKE authentication methods, refer to "IKE Authentication Method" (P.172).
The following shows the reference section for each item.
Installation Overview
The following is the procedure for encrypting communication using IPSec.
Configuration on the Machine
When [IKE Authentication Method] is set to [Authenticate by Digital Signature], a
certificate for IPSec needs to be imported into the machine. After importing a certificate,
configure IPSec. By default, no certificate is registered with the machine.
Note
Configuration on a Computer
The following settings are required on a computer.
12
Step1 Import and Configuration of a Certificate
The following explains how to import and configure a certificate with CentreWare
Internet Services.
To configure a certificate on CentreWare Internet Services, first configure the
encryption settings for HTTP communication, and then import a certificate to use as a
scan file signature certificate.
For details on how to configure the encryption settings for HTTP communication, refer to
"Configuration of HTTP Communication Encryption" (P.316).
1
Start CentreWare Internet Services.
Refer to "Starting CentreWare Internet Services" (P.252).
2
Import a certificate.
Important • When a certificate is to be imported, if the same certificate has been already registered in
318
Step1 Import and Configuration of a Certificate ......................................................................318
Step2 Configuration on the Machine (Configuration of IPSec) ...............................................319
Step3 Configuration on a Computer .........................................................................................320
Configuring certificates by CentreWare Internet Services
Two methods are available depending on types of certificates.
- Create a self-certificate on the machine, and enable HTTPS.
- Enable HTTPS, and import a created certificate on the machine.
• If a certificate to be imported as an IPSec certificate contains V3 extension "KeyUsage",
"digitalSigunature" must be set to On.
Create an IP security policy
Assign the IP security policy
[Local Device] or [Others], the certificate cannot be imported. Delete the registered
certificate before importing.