Canon I Sensys Lbp6030b User Guide
Have a look at the manual Canon I Sensys Lbp6030b User Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1335 Canon manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
Select the key to use from the list of keys and certificates, and click [Register Default Key]. Viewing details of a key pair or certificate You can check the details of the certificate or verify the certificate by clicking the corresponding text link under [Key Name], or the certificate icon. Verifying Key Pairs and CA Certificates Enable SSL. 1Click [Security Settings] [Remote UI Settings]. 2Click [Edit]. 3Select the [Use SSL] check box and click [OK]. [Use SSL] Select the check box to use SSL in communication with the Remote UI. Clear the check box if you do not want to use SSL. Restart the machine. Turn OFF the machine, wait for at least 10 seconds, and turn it back ON. 5 6 7 >Ý>Ý>Ý>Ì>Û>Ì>Þ>Ý>å
Starting the Remote UI with SSL enabled If you start the Remote UI when SSL is enabled, a security alert may be displayed regarding the security certificate. In this case, check that the correct URL is entered in the address field, and then proceed to display the Remote UI. Starting the Remote UI LINKS Generating Key Pairs Using CA- issued Key Pairs and Digital Certificates Monitoring and Controlling the Machine with SNMP >Ý>Ý>Þ>Ì>Û>Ì>Þ>Ý>å
0HWJ-030 Configuring Settings for Key Pairs and Digital Certificates In order to encrypt communication with a remote device, an encryption key must be sent and received over an unsecured network beforehand. This problem is solved by public -key cryptography. Public -key cryptography ensures secure communication by protecting valuable information from attacks, such as sniffing, spoofing, and tampering of data as it flows over a network. Key Pair A key pair consists of a public key and a secret key, both of which are required for encrypting or decrypting data. Data can be exchanged safely, because encrypted data cannot be decrypted without the other key in a key pair. You can register up to three key pairs ( Using CA- issued Key Pairs and Digital Certificates). Key pairs can also be generated by the machine (Generating Key Pairs ). CA Certificate Digital certificates including CA certificates are similar to other forms of identification, such as driver's licenses. A digit al certificate contains a digital signature, which enables the machine to detect any spoofing or tampering of data. It is extremely difficult for third parties to abuse digital certificates. Digital certificates (including public keys) that are issued by a certificate authority (CA) are called CA certificates. You can register up to three CA certificates including the one that is preinstalled ( Using CA- issued Key Pairs and Digital Certificates ). Key and Certificate Operating Requirements Certificates for key pairs generated with the machine must conform to X.509v3. If you install a key pair or a CA certificate from a computer, make sure that they meet the following requirements. Format Key pair: PKCS#12 CA certificate: X.509v1 or X.509v3, DER (encoded binary) Files extension Key pair: ".p12" or ".pfx" CA certificate: ".cer" Public key algorithm (and key length) RSA (512 bits , 1024 bits, 2048 bits, or 4096 bits) Certificate signature algorithm SHA1-RSA, SHA256-RSA, SHA384-RSA , SHA512-RSA , MD5 -RSA, MD2 -RSA Certificate thumbprint algorithm SHA1 Requirements for the certificate contained in a key pair shall follow the operating conditions for CA certificates. Not supported when the operating system of the communication partner device is Windows 8/Server 2012. Depending on the application of update programs, encrypted communication may also not be possible with other versions of Windows. SHA384 -RSA and SHA512 -RSA are available only when the RSA key length is 1024 bits or more. The machine does not support use of a certificate revocation list (CRL). *1 *2 *3 *3 *1 *2 *3 >Ý>Ý>ß>Ì>Û>Ì>Þ>Ý>å
0HWJ-031 Generating Key Pairs The key pair required for encrypted communication via Secure Sockets Layer (SSL) can be generated with the machine. You can use SSL when accessing the machine via the Remote UI. Up to three key pairs can be registered on the machine. Start the Remote UI and log on in System Manager Mode. Starting the Remote UI Click [Settings/Registration]. Click [Security Settings] [Key and Certificate Settings]. Click [Generate Key]. To delete a registered key pairOn the right side of the key pair that you want to delete, click [Delete] [OK]. A key pair cannot be deleted when "SSL" is displayed under [Key Usage], indicating that the key pair is currently in use. In th is case, disable SSL or replace the key pair with another. You will then be able to delete it. Specify settings for the key and certificate. 1 2 3 4 5 >Ý>Ý>à>Ì>Û>Ì>Þ>Ý>å
[Key Settings][Key Name] Enter up to 24 alphanumeric characters for naming the key pair. Set a name that will be easy for you to find later in a list. [Signature Algorithm] Select the signature algorithm from the drop-down list. [Key Algorithm] The algorithm used to generate keys is RSA. Select the key length from the drop-down list. The larger the number for the key length, the slower the communication. However, the security is tighter. [512-bit] cannot be selected for the key length, if [SHA384] or [SHA512] is selected for [Signature Algorithm]. [Certificate Settings][Validity Start Date] Enter the first date of validity of the certificate in year/month/day format in the range 1 January 2000 to 31 December 2037. [Validity End Date] Enter the last date of validity of the certificate in year/month/day format in the range 1 January 2000 to 31 December 2037. A date earlier than the [Validity Start Date] cannot be set. [Country/Region] Click the [Select Country/Region] radio button and select the country/region from the drop-down list. You can also click the [Enter Internet Country Code] radio button and enter a country code, such as "US" for the United States. [State]/[City] As necessary, enter up to 24 alphanumeric characters for the address. [Organization]/[Organization Unit] As necessary, enter up to 24 alphanumeric characters for the name of the organization. [Common Name] As necessary, enter up to 48 alphanumeric characters for the common name of the certificate. "Common Name" is often abbreviated as "CN." Click [OK]. A key pair may take approximately 10 to 15 minutes to generate. After a key pair is generated, it is automatically registered to the machine. LINKS Using CA- issued Key Pairs and Digital Certificates Verifying Key Pairs and CA Certificates Enabling SSL Encrypted Communication for the Remote UI 6 >Ý>Ý>á>Ì>Û>Ì>Þ>Ý>å
0HWJ-032 Using CA-issued Key Pairs and Digital Certificates Key pairs and digital certificates can be obtained from a certification authority (CA) for use with the machine. After obtaining them from a CA, you can install and register key pairs and CA certificate files on the machine by using the Remote UI. Make sure that the key pair and the certificate satisfy the requirements of the machine ( Key and Certificate Operating Requirements ). You can register up to three key pairs and three CA certificates including the preinstalled ones. Start the Remote UI and log on in System Manager Mode. Starting the Remote UI Click [Settings/Registration]. Click [Security Settings] Click [Key and Certificate Settings] or [CA Certificate Settings]. Click [Key and Certificate Settings] to install a key pair, or [CA Certificate Settings] to install a CA certificate. Click [Register Key and Certificate] or [Register CA Certificate]. To delete a registered key pair or CA certificate On the right of the key pair or CA certificate you want to delete, click [Delete] [OK]. A key pair cannot be deleted when "SSL" is displayed under [Key Usage], indicating that the key pair is currently in use. In th is case, disable SSL or replace the key pair with another. You will then be able to delete it. Click [Install]. 1 2 3 4 5 >Ý>Ý>â>Ì>Û>Ì>Þ>Ý>å
You can only install one file on this machine. If another file is already installed, click [Delete] [OK] to delete the previously installed file. Click [Browse], specify the file to install, and click [Start Installation]. The key pair or CA certificate from the computer is installed in the machine. Register the key pair or CA certificate. Registering a key pair 1Click [Register] on the right of the key pair you want to register. 2Enter the name of the key pair and password, and then click [OK]. [Key Name] Enter a name of up to 24 alphanumeric characters for registering the key pair in the machine. Set a name that will be easy for you to find later in a list. [Password] Enter up to 24 alphanumeric characters for the password of the secret key that is set in the file to be registered. Registering a CA certificate 6 7 >Ý>Ý>ã>Ì>Û>Ì>Þ>Ý>å
Click [Register] on the right of the CA certificate you want to register. LINKS Generating Key Pairs Verifying Key Pairs and CA Certificates Enabling SSL Encrypted Communication for the Remote UI >Ý>Ý>ä>Ì>Û>Ì>Þ>Ý>å
0HWJ-033 Verifying Key Pairs and CA Certificates Once key pairs and CA certificates are registered, you can view their detailed information or verify their effective dates and signature. Start the Remote UI and log on in System Manager Mode. Starting the Remote UI Click [Settings/Registration]. Click [Security Settings] Click [Key and Certificate Settings] or [CA Certificate Settings]. Click [Key and Certificate Settings] to verify a key pair, or [CA Certificate Settings] to verify a CA certificate. Click the icon for the key pair or CA certificate that you want to verify. Certificate details are displayed. Check the certificate details, and click [Certificate Verification]. 1 2 3 4 5 >Ý>Ý>å>Ì>Û>Ì>Þ>Ý>å
The result from verifying the certificate is displayed as shown below. LINKS Generating Key Pairs Using CA- issued Key Pairs and Digital Certificates >Ý>Þ>Ü>Ì>Û>Ì>Þ>Ý>å