Associating via OpenAPI
Overview
To use application software that communicates with this machine via OpenAPI, configure the OpenAPI settings of this machine.
If a certificate for this machine is registered, you can use SSL to encrypt communication between this machine and a client when the machine acts as a server.
By using the Simple Service Discovery Protocol (SSDP) function of this machine, you can associate with OpenAPI connection application software smoothly.
To perform the association via OpenAPI, follow the below procedure to configure the settings.
Configure settings for connecting to the network such as setting of the IP address of this machine
For details on configuring the setting, refer to [Configuring network environment settings] .
Configure the basic OpenAPI settings
For details on configuring the setting, refer to [Configure the basic OpenAPI settings] .
Set the following options according to your environment
Purpose
Reference
Communicating with application software via a proxy server
Encrypting communication between this machine and application software with SSL.
Referencing authentication information from the extended server when the OpenAPI application starts (Single Sign-On)
Configure the basic OpenAPI settings
Enable the SSDP function. If necessary, change the OpenAPI communication port number.
In the administrator mode, select [Network] - [SSDP Settings], then configure the following settings.
Settings
Description
[SSDP]
Select [ON] to use the OpenAPI.
This allows for the following actions:
Notifying of OpenAPI service having started on this machine.
Returning a response to a search for OpenAPI service.
[ON] is specified by default.
[Multicast TTL Setting]
Change TTL (Time To Live) for SSDP multi-cast packet if necessary.
The value is decremented by one each time a communication is established via the router. When the value reaches 0, packets are discarded.
[1] is specified by default.
In the administrator mode, select [Network] - [OpenAPI Setting], and change the port number if necessary (Default: [50001]).
In normal circumstances, you can use the original port number.
If you click [OK] after changing multiple port numbers collectively in Web Connection or on the Control Panel, a port number duplication error may appear. If a port number duplication error appears, change multiple port numbers one by one instead of changing them collectively.
Using the proxy server
When the proxy server is used in your network environment, you can configure settings to communicate with applications via the proxy server.
To use the proxy server, register the proxy server information on this machine. In addition, configure the settings for connection to the proxy server.
In the administrator mode, select [Network] - [OpenAPI Setting], then configure the following settings.
Settings | Description |
---|---|
[Proxy Server Address] | Enter the proxy server address. Use one of the following formats.
|
[Proxy Server Port Number] | If necessary, change the proxy server port number. [8080] is specified by default. |
[Proxy Server Port Number (HTTPS)] | If necessary, change the port number of the proxy server when using the HTTPS protocol. [8080] is specified by default. |
[Proxy Server Port Number (FTP)] | If necessary, change the port number of the proxy server when using the FTP protocol. [21] is specified by default. |
[User Name] | Enter the user name to log in to the proxy server (using up to 63 characters). |
[Password] | Enter the password of the user name you entered into [User Name] (using up to 63 characters). To enter (change) the password, select the [Password is changed.] check box, then enter a new password. |
Using SSL communication
Use SSL to encrypt communication between this machine and application software via OpenAPI.
Register a certificate for this machine and enable SSL communication.
For details, refer to [Creating a certificate for this machine to communicate via SSL] .
In the administrator mode, select [Network] - [OpenAPI Setting], then configure the following settings.
Settings
Description
[Use SSL/TLS]
To use SSL communication, select [SSL Only] or [SSL/Non-SSL].
[SSL Only] is specified by default.
[Port No.(SSL)]
If necessary, change the SSL communication port number.
In normal circumstances, you can use the original port number.
[50003] is specified by default.
[Certificate Verification Level Settings]
To verify the certificate, select items to be verified.
If you select [Confirm] at each item, the certificate is verified for each item.
[Client Certificates]
Select whether to request a certificate from clients that connect to this machine.
[Do not request] is specified by default.
[Validity Period]
Confirm whether the certificate is still valid.
[Confirm] is specified by default.
[CN]
Confirm whether CN (Common Name) of the certificate matches the server address.
[Do Not Confirm] is specified by default.
[Key Usage]
Confirm whether the certificate is used according to the intended purpose approved by the certificate issuer.
[Do Not Confirm] is specified by default.
[Chain]
Confirm whether there is a problem in the certificate chain (certificate path).
The chain is validated by referencing the external certificates managed on this machine.
[Do Not Confirm] is specified by default.
[Expiration Date Confirmation]
Confirm whether the certificate has expired.
Confirm for expiration of the certificate in the following order.
OCSP (Online Certificate Status Protocol) service
CRL (Certificate Revocation List)
[Do Not Confirm] is specified by default.
In the administrator mode, select [Security] - [Certificate Verification Settings], then configure whether to verify the certificate. The certificate is verified by default. For details, refer to [Verifying a certificate for peer] .
Using the single sign-on
Reference authentication information from the extended server when the OpenAPI application starts. This allows you to build up a single sign-on environment with the OpenAPI application to be started and the backend system that is associated with the OpenAPI application.
In the administrator mode, select [Network] - [OpenAPI Settings] - [Single Sign-On Setting], then configure the following settings.
Settings | Description |
---|---|
[Authentication Info. Reference] | Select whether to reference authentication information from the extended server when the OpenAPI application registered on this machine starts. [OFF] is specified by default. |
[Registered Application List] | Specify the OpenAPI application in which a reference of authentication information is to be permitted in the list of OpenAPI applications registered on this machine. Click [Edit], then select whether to reference authentication information in each application. |