HP 635n - JetDirect IPv6/IPsec Print Server - Page 70

HP 635n - JetDirect IPv6/IPsec Print Server

101 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

70

Figure 32 – Server ID Matching

Let’s look at some examples that show the behavior of the Server ID field with two IAS servers

configured as 802.1X Authentication Servers as shown previously:

• Example 1

: Jetdirect Server ID: Blank. Result: If the Authentication Server’s certificate is

trusted, accept all Common Names returned in the Subject field of the Authentication Server

certificate

• Example 2

: Jetdirect Server ID: “example.internal”, Require Exact Match not checked.

Result: If the Authentication Server’s certificate is trusted, accept all Common Names returned

in the Subject field of the Authentication Server certificate that have “example.internal” as a

rightmost subset. “ias.example.internal

” and “ias2.example.internal” will both be accepted

because “example.internal

” is a rightmost match for both.

• Example 3

: Jetdirect Server ID: “ias”, Require Exact Match not checked. Result: If the

Authentication Server’s certificate is trusted, accept all Common Names where “ias” is a

rightmost subset of the name. Here, both servers “ias.example.internal” and

“ias2.example.internal” will be REJECTED because it is not a rightmost subset of the name.

“ias” is a LEFTMOST match, it is NOT a rightmost match.

• Example 4

: Jetdirect Server ID: “ias.example.internal”, Require Exact Match is checked.

Result: If the Authentication Server’s certificate is trusted, accept all Common Names where

ias.example.internal is the EXACT name. Here, the server ias2.example.internal will be

REJECTED because it does NOT match EXACTLY “ias.example.internal”

• Example 5

: Jetdirect Server ID: “ias.example.internal”, Require Exact Match not checked.

Result: If the Authentication Server’s certificate is trusted, accept all Common Names where

ias.example.internal is a rightmost subset of the name. Here, the server

ias2.example.internal will be REJECTED because it is not a rightmost subset of the name.

As we can see, Jetdirect’s Server ID field allows for fine grained use of which certificate will be

accepted and can be configured to support multiple Authentication Servers without accepting all

common names.

Other manuals for HP 635n - JetDirect IPv6/IPsec Print Server

Administrator's Guide202 pages

Related product manuals

Preview: HP 615N - JetDirect Print Server

HP 615N - JetDirect Print Server

Preview: HP Jetdirect 610N

HP Jetdirect 610N

HP Jetdirect 380x

Preview: HP jetdirect 175x

HP jetdirect 175x

Preview: HP JetDirect Ew2500

HP JetDirect Ew2500

Preview: HP Jetdirect J7949e

HP Jetdirect J7949e

Preview: HP Jetdirect 2900nw

HP Jetdirect 2900nw

Preview: HP 300X - JetDirect Print Server

HP 300X - JetDirect Print Server

Preview: HP 170X - JetDirect Print Server

HP 170X - JetDirect Print Server

Ew2400 - JetDirect Print Server

Preview: En3700 - JetDirect Print Server

En3700 - JetDirect Print Server

Preview: Jetdirect ew2500 - 802.11b/g Wireless Print Server

Jetdirect ew2500 - 802.11b/g Wireless Print Server