HP Jetdirect 610n HP Jetdirect Print Servers - HP Jetdirect and SSL/TLS - Page 61

HP Jetdirect as an SSL/TLS Client

Get HP Jetdirect 610n PDF manuals and user guides View all HP Jetdirect 610n manuals
Add to My Manuals
Save this manual to your list of manuals

Page 61 highlights

The setting "Encryption Strength" controls the cipher suites that Jetdirect will select from a client request. The default setting is "Low" which is a bit misleading - it really means that all cipher suites that Jetdirect supports can be used including ciphers that aren't considered as secure anymore. If the client can only support DES, Jetdirect will still accept it. However, if the client offers DES and other cipher suites, Jetdirect will prefer higher security ciphers when presented with the choice. Setting it to "Medium" means that the client must offer RC4 or 3DES or the SSL/TLS connection won't be established. Well, looks like we've covered all that is necessary when HP Jetdirect acts as an SSL/TLS server. But wait, there's more! HP Jetdirect can also act as an SSL/TLS client when used by certain applications on a printer or MFP. The most popular one is LDAP over SSL/TLS. Now, what was formerly important to the SSL/TLS client (e.g., browser) becomes important for HP Jetdirect. Let's look at what happens here. HP Jetdirect as an SSL/TLS Client The most common situation for HP Jetdirect to act as an SSL/TLS client is when the MFP is going to use LDAP over SSL. Keep in mind that the roles are reversed here. HP Jetdirect is going to initiate a connection and verify the server's certificate just like a web browser would. Let's set this up. 61

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
61
The setting “Encryption Strength”
controls the cipher suites that Jetdirect
will select from a client request.
The
default setting is “Low” which is a bit
misleading – it really means that all
cipher suites that Jetdirect supports can
be used including ciphers that aren’t
considered as secure anymore.
If the
client can only support DES, Jetdirect
will still accept it.
However, if the
client offers DES and other cipher
suites, Jetdirect will prefer higher
security ciphers when presented with
the choice.
Setting it to “Medium”
means that the client must offer RC4 or
3DES or the SSL/TLS connection won’t
be established.
Well, looks like we’ve covered all that is necessary when HP Jetdirect acts as an SSL/TLS server.
But
wait, there’s more!
HP Jetdirect can also act as an SSL/TLS client when used by certain applications
on a printer or MFP.
The most popular one is LDAP over SSL/TLS.
Now, what was formerly
important to the SSL/TLS client (e.g., browser) becomes important for HP Jetdirect.
Let’s look at what
happens here.
HP Jetdirect as an SSL/TLS Client
The most common situation for HP Jetdirect to act as an SSL/TLS client is when the MFP is going to use
LDAP over SSL.
Keep in mind that the roles are reversed here.
HP Jetdirect is going to initiate a
connection and verify the server’s certificate just like a web browser would.
Let’s set this up.