HP 635n Practical IPsec Deployment for Printing and Imaging Devices - Page 190

The "Certificate Export Wizard" launches - Press "Next" Since we are going to import this certificate into Jetdirect, we need to export the private key as well. Select "Yes, export the private key" and then click "Next". NOTE: In most cases, when exporting a certificate, you will not want to export the private key. The private key is best kept on the machine that generated it and never moved. This functionality is usually done by generating a Certificate Signing Request (CS) on Jetdirect. The CSR process on Jetdirect creates a public and private key pair and includes the public key with the CSR while the private key is stored in flash and never exposed external to the Jetdirect device. The CSR is then sent to the Certificate Authority which issues a certificate based upon the information in the request. This certificate would be simply "installed" in Jetdirect and not "imported". Unfortunately, the Enterprise CA modifies the certificate in a way that is not compatible with Jetdirect's CSR and this resulted in Jetdirect refusing to accept the certificate during its installation. Jetdirect has since addressed this problem starting with version V.36.11. Using V.36.11 and later, certificates issued from the 190