HomeWeb Management ToolUsing an SSL/TLS communication

Using an SSL/TLS communication

About the certificate of this machine

Communication between this machine and the computer can be encrypted with SSL to enhance security.

A certificate for this machine is used for the SSL communication between the machine and the computer. As a certificate was registered on this machine upon shipment, you can only enable SSL/TLS on the machine to start the SSL encrypted communication immediately after setup.

This machine can manage multiple certificates and use different certificates depending on the application (protocol). You can self-create a new certificate or install a certificate issued by the Certificate Authority (CA).

The following shows how to use the certificate on this machine.

Usage

Description

Using the certificate registered upon shipment

The certificate that was registered on this machine upon shipment can be used as it is.

Using a self-created certificate

Create a certificate with this machine.

The Certificate Authority (CA) is not required for a self-created certificate, and it can be used simply after entering necessary information for creating the certificate.

Using a certificate issued by the Certificate Authority (CA)

Create certificate signing request data in this machine, and request a trusted Certificate Authority (CA) for issuing a certificate for the machine. When the data is returned from the Certificate Authority after its review, register the data with this machine.

  • Importing a certificate (Here)

  • Using different certificates depending on the application (Here)

Using the certificate registered upon shipment

Select a login mode to enable SSL communication. Also select the SSL encryption strength.

Select [Security] - [PKI Settings] - [SSL Setting] in administrator mode of Web Connection, and configure the following settings.

Setting

Description

[Mode using SSL/TLS]

Select a login mode to establish SSL communications (default: [None]).

  • [Admin. Mode]: Establishes SSL communications in the administrator mode only.

  • [Admin. Mode and User Mode]: Establishes SSL communications in both the administrator mode and user mode.

  • [None]: Does not establish SSL communications.

[Encryption Strength]

Select the SSL encryption strength (default: [AES-256, 3DES-168, RC4-128]).

[SSL/TLS Version Setting]

Select the version of the SSL to be used.

Self-creating a certificate

Create a certificate with this machine. The Certificate Authority (CA) is not required for a self-created certificate, and it can be used simply after entering necessary information for creating the certificate.

  1. Select [Security] - [PKI Settings] - [Device Certificate Setting] - [New Registration] - [Create and install a self-signed Certificate.] in administrator mode of Web Connection, and enter information required for creating a certificate, then click [OK].

    The certificate is created and installed on this machine. It may take several minutes to create a certificate.

    Setting

    Description

    [Common Name]

    Displays the IP address of this machine.

    [Organization]

    Enter an organization or association name (using up to 63 ASCII characters).

    [Organizational Unit]

    Enter the organization unit name (using up to 63 ASCII characters).

    You can also specify a null.

    [Locality]

    Enter the locality name (using up to 127 ASCII characters).

    [State/Province]

    Enter the state or province name (using up to 127 ASCII characters).

    [Country]

    Enter the country name. As the country name, specify a country code defined in ISO03166 (using up to two ASCII characters).

    United States: US, Great Britain: GB, Italy: IT, Australia: AU, The Netherlands: NL, Canada: CA, Spain: ES, Czech Republic: CZ, China: CN, Denmark: DK, Germany: DE, Japan: JP, France: FR, Belgium: BE, Russia: RU

    [Admin. E-mail Address]

    Enter the E-mail address of the administrator of this machine (using up to 128 characters, excluding spaces).

    If the E-mail address of the administrator was already registered from [System Settings] - [Machine Setting], this field displays the registered E-mail address.

    [Validity Start Date]

    Displays the starting date of the certificate validity period.

    Displays the date and time of this machine when this screen is displayed.

    [Validity Period]

    Enter the validity period of a certificate with the number of days that have elapsed since the starting date.

    [Encryption Key Type]

    Select a type of encryption key.

  2. When the certificate has been installed, enable SSL communication (Here).

Requesting the Certificate Authority for issuing a certificate

Create certificate signing request data in this machine, and request a trusted Certificate Authority (CA) for issuing a certificate for the machine. When the data is returned from the Certificate Authority after its review, register the data with this machine.

  1. Select [Security] - [PKI Settings] - [Device Certificate Setting] - [New Registration] - [Request a Certificate] in administrator mode of Web Connection, and enter information required for issuing a certificate, then click [OK].

    The certificate signing request data to be sent to the Certificate Authority is created.

    Setting

    Description

    [Common Name]

    Displays the IP address of this machine.

    [Organization]

    Enter an organization or association name (using up to 63 ASCII characters).

    [Organizational Unit]

    Enter the organization unit name (using up to 63 ASCII characters).

    You can also specify a null.

    [Locality]

    Enter the locality name (using up to 127 ASCII characters).

    [State/Province]

    Enter the state or province name (using up to 127 ASCII characters).

    [Country]

    Enter the country name. As the country name, specify a country code defined in ISO03166 (using up to two ASCII characters).

    United States: US, Great Britain: GB, Italy: IT, Australia: AU, The Netherlands: NL, Canada: CA, Spain: ES, Czech Republic: CZ, China: CN, Denmark: DK, Germany: DE, Japan: JP, France: FR, Belgium: BE, Russia: RU

    [Admin. E-mail Address]

    Enter the E-mail address of the administrator of this machine (using up to 128 characters, excluding spaces).

    If the E-mail address of the administrator was already registered from [System Settings] - [Machine Setting], this field displays the registered E-mail address.

    [Encryption Key Type]

    Select a type of encryption key.

  2. Click [Save].

    • Click this button to save certificate signing request data on your computer as a file.

  3. Send the certificate signing request data to the Certificate Authority.

    When the data is returned from the Certificate Authority after its review, register the data with this machine.

  4. Select [Security] - [PKI Settings] - [Device Certificate Setting] - [Setting] - [Install a Certificate] in administrator mode of Web Connection, and paste the text data sent from the Certificate Authority (CA), and then click [Install].

  5. When the certificate has been installed, enable SSL communication (Here).