Associating via OpenAPI

Overview

To use application software that communicates with this machine via OpenAPI, configure the OpenAPI settings of this machine.

If a certificate for this machine is registered, you can use SSL to encrypt communication between this machine and a client when the machine acts as a server.

By using the Simple Service Discovery Protocol (SSDP) function of this machine, you can associate with OpenAPI connection application software smoothly.

To perform the association via OpenAPI, follow the below procedure to configure the settings.

  1. Configure settings for connecting to the network such as setting of the IP address of this machine

    supplementary explanationFor details on configuring the setting, refer to [Configuring network environment settings] .

  2. Configure the basic OpenAPI settings

    supplementary explanationFor details on configuring the setting, refer to [Configure the basic OpenAPI settings] .

  3. Set the following options according to your environment

    Purpose

    Reference

    Communicating with application software via a proxy server

    [Using the proxy server]

    Encrypting communication between this machine and application software with SSL.

    [Using SSL communication]

    Referencing authentication information from the extended server when the OpenAPI application starts (Single Sign-On)

    [Using the single sign-on]

Configure the basic OpenAPI settings

Enable the SSDP function. If necessary, change the OpenAPI communication port number.

  1. In the administrator mode, select [Network] - [SSDP Settings], then configure the following settings.

    Settings

    Description

    [SSDP]

    Select [ON] to use the OpenAPI.

    This allows for the following actions:

    • Notifying of OpenAPI service having started on this machine.

    • Returning a response to a search for OpenAPI service.

    [ON] is specified by default.

    [Multicast TTL Setting]

    Change TTL (Time To Live) for SSDP multi-cast packet if necessary.

    The value is decremented by one each time a communication is established via the router. When the value reaches 0, packets are discarded.

    [1] is specified by default.

  2. In the administrator mode, select [Network] - [OpenAPI Setting], and change the port number if necessary (Default: [50001]).

    supplementary explanationIn normal circumstances, you can use the original port number.

Tips
  • If you click [OK] after changing multiple port numbers collectively in Web Connection or on the Control Panel, a port number duplication error may appear. If a port number duplication error appears, change multiple port numbers one by one instead of changing them collectively.

Using the proxy server

When the proxy server is used in your network environment, you can configure settings to communicate with applications via the proxy server.

To use the proxy server, register the proxy server information on this machine. In addition, configure the settings for connection to the proxy server.

In the administrator mode, select [Network] - [OpenAPI Setting], then configure the following settings.

Settings

Description

[Proxy Server Address]

Enter the proxy server address.

Use one of the following formats.

  • Example of host name entry: "host.example.com"

  • Example of IP address (IPv4) entry: "192.168.1.1"

  • Example of IP address (IPv6) entry: "fe80::220:6bff:fe10:2f16"

[Proxy Server Port Number]

If necessary, change the proxy server port number.

[8080] is specified by default.

[Proxy Server Port Number (HTTPS)]

If necessary, change the port number of the proxy server when using the HTTPS protocol.

[8080] is specified by default.

[Proxy Server Port Number (FTP)]

If necessary, change the port number of the proxy server when using the FTP protocol.

[21] is specified by default.

[User Name]

Enter the user name to log in to the proxy server (using up to 63 characters).

[Password]

Enter the password of the user name you entered into [User Name] (using up to 63 characters).

To enter (change) the password, select the [Password is changed.] check box, then enter a new password.

Using SSL communication

Use SSL to encrypt communication between this machine and application software via OpenAPI.

  1. Register a certificate for this machine and enable SSL communication.

    supplementary explanationFor details, refer to [Creating a certificate for this machine to communicate via SSL] .

  2. In the administrator mode, select [Network] - [OpenAPI Setting], then configure the following settings.

    Settings

    Description

    [Use SSL/TLS]

    To use SSL communication, select [SSL Only] or [SSL/Non-SSL].

    [SSL Only] is specified by default.

    [Port No.(SSL)]

    If necessary, change the SSL communication port number.

    In normal circumstances, you can use the original port number.

    [50003] is specified by default.

    [Certificate Verification Level Settings]

    To verify the certificate, select items to be verified.

    If you select [Confirm] at each item, the certificate is verified for each item.

    [Client Certificates]

    Select whether to request a certificate from clients that connect to this machine.

    [Do not request] is specified by default.

    [Validity Period]

    Confirm whether the certificate is still valid.

    [Confirm] is specified by default.

    [CN]

    Confirm whether CN (Common Name) of the certificate matches the server address.

    [Do Not Confirm] is specified by default.

    [Key Usage]

    Confirm whether the certificate is used according to the intended purpose approved by the certificate issuer.

    [Do Not Confirm] is specified by default.

    [Chain]

    Confirm whether there is a problem in the certificate chain (certificate path).

    The chain is validated by referencing the external certificates managed on this machine.

    [Do Not Confirm] is specified by default.

    [Expiration Date Confirmation]

    Confirm whether the certificate has expired.

    Confirm for expiration of the certificate in the following order.

    • OCSP (Online Certificate Status Protocol) service

    • CRL (Certificate Revocation List)

    [Do Not Confirm] is specified by default.

Reference
  • In the administrator mode, select [Security] - [Certificate Verification Settings], then configure whether to verify the certificate. The certificate is verified by default. For details, refer to [Verifying a certificate for peer] .

Using the single sign-on

Reference authentication information from the extended server when the OpenAPI application starts. This allows you to build up a single sign-on environment with the OpenAPI application to be started and the backend system that is associated with the OpenAPI application.

In the administrator mode, select [Network] - [OpenAPI Settings] - [Single Sign-On Setting], then configure the following settings.

Settings

Description

[Authentication Info. Reference]

Select whether to reference authentication information from the extended server when the OpenAPI application registered on this machine starts.

[OFF] is specified by default.

[Registered Application List]

Specify the OpenAPI application in which a reference of authentication information is to be permitted in the list of OpenAPI applications registered on this machine.

Click [Edit], then select whether to reference authentication information in each application.