EasyManua.ls Logo

Canon imageCLASS D570 - Configuring Settings for Key Pairs and Digital Certificates

Canon imageCLASS D570
466 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Conguring Settings for Key Pairs and Digital
Certicates
19Y4-051
In order to encrypt communication with a remote device, an encryption key must be sent and received over an
unsecured network beforehand. This problem is solved by public-key cryptography. Public-key cryptography ensures
secure communication by protecting important and valuable information from attacks, such as sning, spoong, and
tampering of data as it ows over a network.
Key Pair
A key pair consists of a public key and a secret key, both of which are required for encrypting or
decrypting data. Because data that has been encrypted with one of the key pair cannot be
returned to its original data form without the other, public-key cryptography ensures secure
communication of data over the network. A key pair is used for TLS encrypted communication
or TLS of the IEEE 802.1X authentication. Up to ve key pairs (including the preinstalled pairs)
can be generated to the machine ( Using CA-issued Key Pairs and Digital
Certicates(P. 259) ). A key pair can be generated with the machine ( Generating Key
Pairs(P. 252) ).
CA Certicate
Digital certicates including CA certicates are similar to other forms of identication, such as
driver's licenses. A digital certicate contains a digital signature, which enables the machine to
detect any spoong or tampering of data. It is extremely dicult for third parties to abuse
digital certicates. A digital certicate that contains a public key of a certication authority (CA)
is referred to as a CA certicate. CA certicates are used for verifying the device the machine is
communicating with for features such as printing with Google Cloud Print or IEEE 802.1X
authentication. Up to 67 CA certicates can be registered, including the 62 certicates that are
preinstalled in the machine ( Using CA-issued Key Pairs and Digital Certicates(P. 259) ).
Key and Certicate Requirements
The certicate contained in a key pair generated with the machine conforms to X.509v3. If you install a key pair or a CA
certicate from a computer, make sure that they meet the following requirements:
Format
Key pair: PKCS#12
*1
CA certicate: X.509v1 or X.509v3, DER (encoded binary), PEM
File extension Key pair: ".p12" or ".pfx"
CA certicate: ".cer"
Public key algorithm
(and key length)
RSA (512 bits, 1024 bits, 2048 bits, or 4096 bits)
Certicate signature algorithm
SHA1-RSA, SHA256-RSA, SHA384-RSA
*2
, SHA512-RSA
*2
, MD5-RSA, or MD2-RSA
Certicate thumbprint algorithm SHA1
*1
Requirements for the certicate contained in a key pair are pursuant to CA certicates.
*2
SHA384-RSA and SHA512-RSA are available only when the RSA key length is 1024 bits or more.
Security
250

Table of Contents

Other manuals for Canon imageCLASS D570

Preview: Getting Started
Getting Started36 pages

Related product manuals