Configuring the Key and Certificate for TLS
You can encrypt communication between the machine and a Web browser on the computer by using Transport Layer Security (TLS). TLS is a mechanism for encrypting data sent or received over the network. TLS must be enabled when the Remote UI is used for specifying settings for IPSec (Pre-Shared Key Method), IEEE 802.1X authentication (TTLS/PEAP), or SNMPv3. To use TLS encrypted communication for the Remote UI, you need to specify a "key and certificate" (server certificate) you want to use before enabling TLS. Generate or install the key and certificate for TLS before enabling TLS (
Management Functions).
1
Start the Remote UI and log in to System Manager Mode.
Starting Remote UI2
Click [Settings/Registration] on the Portal page.
Remote UI Screen3
Select [Network Settings]
[TLS Settings].
4
Click [Key and Certificate].
5
Click [Register Default Key] on the right of the key and certificate you want to use.
Viewing details of a certificate
You can check the details of the certificate or verify the certificate by clicking the corresponding text link under [Key Name], or the certificate icon.
6
Click [Edit].
7
Configure detailed TLS settings.
[Allowed Versions]
Specify [Maximum Version] and [Minimum Version] of TLS.
[Algorithm Settings]
Select the check box for the algorithm to use for TLS. Depending on the TLS version, some algorithms may not be available.
: Available
: Unavailable
Algorithm | TLS Version |
[TLS 1.3] | [TLS 1.2] | [TLS 1.1] | [TLS 1.0] |
[Encryption Algorithm] |
[AES-CBC (256-bit)] | | | | |
[AES-CBC (128-bit)] | | | | |
[AES-GCM (256-bit)] | | | | |
[AES-GCM (128-bit)] | | | | |
[3DES-CBC] | | | | |
[CHACHA20-POLY1305] | | | | |
[Key Exchange Algorithm] |
[RSA] | | | | |
[ECDHE] | | | | |
[X25519] | | | | |
[Signature Algorithm] |
[RSA] | | | | |
[ECDSA] | | | | |
[HMAC Algorithm] |
[SHA1] | | | | |
[SHA256] | | | | |
[SHA384] | | | | |
8
Click [OK].
9
Select [License/Other]
[Remote UI Settings].
10
Click [Edit].
11
Select the [Use TLS] check box and click [OK].
12
|
Using the operation panelYou can also enable or disable TLS encrypted communication from <Menu> in the Home screen. <Remote UI>Starting the Remote UI with TLSIf you try to start the Remote UI when TLS is enabled, a security alert may be displayed regarding the security certificate. In this case, check that the correct URL is entered in the address field, and then proceed to display the Remote UI screen. Starting Remote UIUsing TLS to encrypt e-mail/I-Fax communicationIf the SMTP server and the POP3 server support TLS, you can enable TLS for communication with these servers ( Configuring E-Mail/I-Fax Communication Settings). For more information about the SMTP server and the POP3 server, contact your Internet service provider or Network Administrator. |
LINKS