HP JetAdvantage Security Manager 10 Device E-LTU Instrukcja Użytkownika Pobierz pdf (Strona 42)

Certificate Management

Digital certificates are a primary foundation of security providing authentication and encryption

between two nodes. HP printers use certificates for authentication in a variety of use cases such as

IPPS, IPSEC, 802.1x, etc. Installing and managing certificates through a device’s embedded web

server (EWS) can be a tedious and time consuming venture for a fleet of devices. Security Manager

provides an excellent avenue for managing certificates on a fleet of devices.

Certificates can be used on HP printers to provide the following:

 Authentication/trust - verifies the identity of a recipient which ensures that information is only

available to the intended audience.

 Encryption - disguises information so that unauthorized readers are unable to decipher it.

The most common use of a digital certificate is to verify that a client sending a message is who it

claims to be, and to provide the receiver with the means to encode a reply. In cryptography, a public

key certificate (also known as a digital certificate or identity certificate) is an electronic document used

to prove ownership of a public key. The certificate includes information about the key, information

about its owner's identity, and the digital signature of an entity that has verified the certificate's

contents are correct. If the signature is valid, and the person examining the certificate trusts the signer,

then they know they can use that key to communicate with its owner.

Identity Certificate

Identity certificates, which are issued by a certificate authority (CA), are used to prove identity and

encrypt information. Select the check box to assess whether identity certificates are installed on the

device, then enter the required identity certificate configuration information.

For the Certificate Signing Request (CSR) Source, select whether the CSR is generated by HP Security

Manager or the device. If HP Security Manager is selected, the CSR is generated and sent to the

certificate authority (CA). When the certificate is returned, Security Manager installs it on the device.

If the device is selected, Security Manager requests that the device generate the CSR, sends it to the

CA, and then installs the certificate on the device.

One advantage to having Security Manager generate the CSR is that it may offer more selections for

Key Length and Signature Algorithm than the device can generate on its own. There are cases on

some devices where the device can accept more values for these fields in a certificate that it can

generate itself in its own certificate request. It should be noted that if Security Manager generates the

CSR, it naturally will have knowledge of the private key but only temporarily before it removes any

knowledge of it.

Once Security Manager retrieves the certificate from the CA, it places the certificate and the private

key on the device and removes all knowledge of the private from Security Manager.

1 2 ... 37 38 39 40 41 42 43 44 45 46 47 ... 115 116

Brak uwag

HP JetAdvantage Security Manager 10 Device E-LTU Instrukcja Użytkownika Strona 42