Manualshelf

HP Printers - Certificate-based authentication for data security (whitepaper)

ManualsBrandsHP ManualsPrint & ScanCE525A
12345678
3
anybody who asks. Renown or big-name certificate vendors (such as Verisign, DigiCert, Symantec,
GeoTrust, etc.) put their CA certificates on their public web sites for everybody to download. They also
make sure to put them into web browsers so that certificates on popular web sites can be automatically
checked without the user even knowing. Many businesses are set up to sign their own certificates. They
have a CA certificate too and will also share it with all their employees.
Thanks to the complicated math implemented by cryptologists, it is nearly impossible to forge a digital
signature and there is virtually no security problem sharing CA certificates with everyone everywhere.
Digital certificates can’t work unless CA certificates are freely shared.
For most situations that you might encounter while surfing the web, everything will happen automatically.
That’s because most browsers have built-in security features that automatically verify all certificates that
are presented to them. And, most browsers include many built-in CA certificates from the “big-name”
Certificate Authorities. So, if you surf to a web site that uses a certificate from a big-name CA then the
certificate they present will be automatically trusted.
But, what about little web sites that don’t use certificates from big-name CAs?
The HP Embedded Web Server (HP EWS) for an HP LaserJet printer is a prime example of a small web site
that does not use a big-name certificate. In fact, the default certificate it uses is “self-signed”. So, you’re
pretty much guaranteed to get a warning from the browser when you surf to its secure (HTTPS) address.
What do you do? Well, you just need to get the right signature card (CA certificate) and install it into the
Certificate Store on your computer. Here’s how to do it:
Obtain and install the CA certificate from an HP LaserJet printer
1. Access the HP Embedded Web Server (HP EWS) of the printer using a web browser.
a. Obtain the IP address or host name of the printer.
On the printer control panel, touch the “i” Information button and select the network interface
you need to use (Ethernet or Wireless). This will display the IP address and host name.
b. Open a Web browser, and in the address line, type the IP address or host name of the printer
exactly as it displays on the printer control panel. Press the Enter key on the computer keyboard.
The EWS opens.
NOTE: If the Web browser displays a message indicating that accessing the website might not be safe,
select the option to continue to the website. Accessing this website will not harm the computer.
2. On the top navigation tabs, click “Security”.
3. In the left navigation pane, select Certificate Management” and scroll to the Certificates” section.
4. Select the certificate that is labeled: “Self-Signed CA Certificate”.
5. Click the “Export button, and then save the file to on your computer.
NOTE: Make sure to note the location of the file on your computer