Configuring Settings for Key Pairs and Digital Certificates

In order to encrypt communication with a remote device, an encryption key must be sent and received over an unsecured network beforehand. This problem is solved by public-key cryptography. Public-key cryptography ensures secure communication by protecting important and valuable information from attacks, such as sniffing, spoofing, and tampering of data as it flows over a network.
Key Pair
 
A key pair consists of a public key and a secret key, both of which are required for encrypting or decrypting data. Because data that has been encrypted with one of the key pair cannot be returned to its original data form without the other, public-key cryptography ensures secure communication of data over the network. A key pair is used for TLS encrypted communication or TLS of the IEEE 802.1X authentication. Up to five key pairs (including the preinstalled pairs) can be generated to the machine (Using CA-issued Key Pairs and Digital Certificates). A key pair can be generated with the machine (Generating Key Pairs).
CA Certificate
 
Digital certificates including CA certificates are similar to other forms of identification, such as driver's licenses. A digital certificate contains a digital signature, which enables the machine to detect any spoofing or tampering of data. It is extremely difficult for third parties to abuse digital certificates. A digital certificate that contains a public key of a certification authority (CA) is referred to as a CA certificate. CA certificates are used for verifying the device the machine is communicating with for features such as printing with Google Cloud Print or IEEE 802.1X authentication. Up to 72 CA certificates can be registered, including the 67 certificates that are preinstalled in the machine (Using CA-issued Key Pairs and Digital Certificates).
3R11-067