<Encryption Settings>

Specify the settings for enhancing the effective encryption security.


For information on the items ("A", "B", "C", and "No") in the "Import All Function" column, see Import All Function.

<Prohibit Use of Weak Encryption>

(Settings/Registration)

Select whether to restrict the use of weak encryption, or a key and certificate with weak encryption. Management Functions

Item	Setting Description	DeviceAdmin	NetworkAdmin	Can be set in Remote UI	Device Information Delivery Available	Import All Function	Name of Item When Exporting with the Remote UI
<Prohibit Use of Weak Encryption>	<On>, <Off> <On> is selected: <Prohibit Use of Key/Certificate with Weak Encryption>: <On>, <Off>	No	No	Yes	No	C	Settings/Registration Basic Information


This setting applies to functions such as IPSec, TLS, Kerberos, S/MIME, and SNMPv3. The machine may not be able to communicate with devices that only support weak encryption. Even if the use of weak encryption is restricted, it may be allowed depending on the certificate (root certificate). For information on the algorithms prohibited when this setting is set to <On>, see System Specifications.

(Settings/Registration)

Specify whether to make the function using encryption comply with FIPS 140-2.

Item	Setting Description	DeviceAdmin	NetworkAdmin	Can be set in Remote UI	Device Information Delivery Available	Import All Function	Name of Item When Exporting with the Remote UI
<Format Encryption Method to FIPS 140-2>	<On>, <Off>	No	No	Yes	No	C	Settings/Registration Basic Information


This setting is available for TLS and MEAP applications. This setting is not available for TLS communication using the machine's touch panel Web Access function. This setting is only available for MEAP applications that use a FIPS provider. For information on the algorithms prohibited when this setting is set to <On>, see System Specifications.