Xerox 5222 User Manual
297
13 Security - Encryption/Digital Signature
This chapter describes how to configure the encryption and digital signature features
for the machine.
The following information is provided:
for the machine.
The following information is provided:
Types of Encryption/Digital Signature Services Available – page 297
Configuration of HTTPS (SSL/TLS) Communication Encryption – page 298
Configuration of E-mail Encryption/Digital Signature – page 300
Configuration of Scan File Signatures (PDF/XPS Documents) – page 303
Configuration of IPsec – page 305
Configuration of HTTPS (SSL/TLS) Communication Encryption – page 298
Configuration of E-mail Encryption/Digital Signature – page 300
Configuration of Scan File Signatures (PDF/XPS Documents) – page 303
Configuration of IPsec – page 305
NOTE: Some of the features described in this chapter are optional, and may not apply
to your machine configuration.
to your machine configuration.
Types of Encryption/Digital Signature Services Available
The communication data between the machine and computers on a network can be
encrypted.
Encryption for the machine, as described in this chapter, is set up using CentreWare
Internet Services.
NOTE: For details on CentreWare Internet Services, refer to
encrypted.
Encryption for the machine, as described in this chapter, is set up using CentreWare
Internet Services.
NOTE: For details on CentreWare Internet Services, refer to
The quickest and easiest, although not the most reliable, method to use to set up initial
HTTP communication encryption is the generation of a self-signed certificate (as stated
under
HTTP communication encryption is the generation of a self-signed certificate (as stated
under
).
To manage digital certificates stored in the machine, click [Machine Digital Certificate
Management] in the [Security] folder on the [Properties] page of CentreWare Internet
Services.
Management] in the [Security] folder on the [Properties] page of CentreWare Internet
Services.
Encryption of HTTP Communications from a Client to the Machine (Server Certificate)
The SOAP port, Internet service (HTTP) port, IPP port, and WebDAV port use the
HTTP server of the machine.
The SSL/TLS suite of protocols is used in the encryption of HTTP communications from
a client to the machine. A user of a client computer accesses the machine’s HTTP
server by typing “https://”, followed by the Internet address of the machine, into the
[Address] box of a web browser application. The machine then offers the client a Digital
Certificate, which the client accepts (after reviewing the validity of same). Upon
acceptance of the Digital Certificate, a Public Key exchange takes place, encryption
algorithms are agreed upon between the two parties, and the client uses the server’s
Public Key to communicate with the server using digitally signed and encrypted data.
Digital certificates imported from a Certificate Authority, or self-signed certificates
created with CentreWare Internet Services, can be used as SSL/TLS certificates on the
machine’s HTTP server.
HTTP server of the machine.
The SSL/TLS suite of protocols is used in the encryption of HTTP communications from
a client to the machine. A user of a client computer accesses the machine’s HTTP
server by typing “https://”, followed by the Internet address of the machine, into the
[Address] box of a web browser application. The machine then offers the client a Digital
Certificate, which the client accepts (after reviewing the validity of same). Upon
acceptance of the Digital Certificate, a Public Key exchange takes place, encryption
algorithms are agreed upon between the two parties, and the client uses the server’s
Public Key to communicate with the server using digitally signed and encrypted data.
Digital certificates imported from a Certificate Authority, or self-signed certificates
created with CentreWare Internet Services, can be used as SSL/TLS certificates on the
machine’s HTTP server.