Generating Key Pairs

A key pair can be generated with the machine when it is required for encrypted communication via Transport Layer Security (TLS). You can use TLS when accessing the machine from an Apple device in order to use AirPrint. Up to five key pairs can be registered to the machine. Generate Network Communication Key, Generate Key and Certificate Signing Request (CSR)

Generate Network Communication Key

1
Display the screen for AirPrint. Displaying the Screen for AirPrint
2
Click [Key and Certificate Settings].

If the screen for AirPrint is not displayed
Log on to the Remote UI in System Manager Mode (Starting Remote UI)  [Settings/Registration]  [Security Settings]  [Key and Certificate Settings].
3
Click [Generate Key...].

Deleting a registered key pair
Click [Delete] on the right of the key pair you want to delete  click [OK].
"TLS" is displayed for a currently used key pair, and the key pair cannot be deleted. In this case, disable the function or replace the key pair before deleting it.
4
Select [Network Communication] and click [OK].
5
Specify settings for the key and certificate.
 [Key Settings]
[Key Name]
Enter up to 24 alphanumeric characters for naming the key pair. Set a name that will be easy for you to find later in a list.
[Signature Algorithm]
Select the signature algorithm from the drop-down list.
[Key Algorithm]
RSA is used for generating a key pair. Select the key length from the drop-down list. The larger the number for the key length, the slower the communication. However, the security is tighter.

[512-bit] cannot be selected for the key length, if [SHA384] or [SHA512] is selected for [Signature Algorithm].
 [Certificate Settings]
[Validity Start Date (YYYY/MM/DD)]
Enter the date from which the certificate is valid between 01/01/2000 and 12/31/2099.
[Validity End Date (YYYY/MM/DD)]
Enter the date to which the certificate is valid between 01/01/2000 and 12/31/2099. A date earlier than [Validity Start Date (YYYY/MM/DD)] cannot be set.
[Country/Region]
Click the [Select Country/Region] radio button and select the country/region from the drop-down list. You can also click the [Enter Internet Country Code] radio button and enter a country code, such as "US" for the United States.
[State]/[City]
Enter up to 24 alphanumeric characters for the location as necessary.
[Organization]/[Organization Unit]
Enter up to 24 alphanumeric characters for the organization name as necessary.
[Common Name]
Enter up to 48 alphanumeric characters for the common name of the certificate as necessary. "Common Name" is often abbreviated as "CN."
6
Click [OK].
Keys for network communication may take approximately 10 to 15 minutes to generate.
After a key pair is generated, it is automatically registered to the machine.

Generate Key and Certificate Signing Request (CSR)

1
Display the screen for AirPrint. Starting Remote UI
2
Click [Key and Certificate Settings].

If the screen for AirPrint is not displayed
Log on to the Remote UI in System Manager Mode (Starting Remote UI [Settings/Registration]  [Security Settings]  [Key and Certificate Settings].
3
Click [Generate Key...].

Deleting a registered key pair
Click [Delete] on the right of the key pair you want to delete  click [OK].
"TLS" is displayed for a currently used key pair, and the key pair cannot be deleted. In this case, disable the function or replace the key pair before deleting it.
4
Select [Generate Key and Certificate Signing Request (CSR)] and click [OK].
5
Specify settings for the key and certificate.
 [Key Settings]
[Key Name]
Enter up to 24 alphanumeric characters for naming the key pair. Set a name that will be easy for you to find later in a list.
[Signature Algorithm]
Select the signature algorithm from the drop-down list.
[Key Algorithm]
RSA is used for generating a key pair. Select the key length from the drop-down list. The larger the number for the key length, the slower the communication. However, the security is tighter.
NOTE:
[512-bit] cannot be selected for the key length, if [SHA384] or [SHA512] is selected for [Signature Algorithm].
 [Certificate Signing Request (CSR) Settings]
[Country/Region]
Click the [Select Country/Region] radio button and select the country/region from the drop-down list. You can also click the [Enter Internet Country Code] radio button and enter a country code, such as "US" for the United States.
[State]/[City]
Enter up to 24 alphanumeric characters for the location as necessary.
[Organization]/[Organization Unit]
Enter up to 24 alphanumeric characters for the organization name as necessary.
[Common Name]
Enter up to 48 alphanumeric characters for the common name of the certificate as necessary. "Common Name" is often abbreviated as "CN."
6
Click [OK].
Key and Certificate Signing Request (CSR) may take approximately 10 to 15 minutes to generate.
7
Click [Store in File].

If a confirmation window appears, click [Save] to save the file.
8
Click [Register Certificate...].
9
Click [Choose File], specify the file for the certificate signing request, and click [Register].
1053-0AS