HP LaserJet Pro 300 HP LaserJet, Color LaserJet and LaserJet MFP Products - Se - Page 2

The HP Laserjet will generate - printer

Get HP LaserJet Pro 300 PDF manuals and user guides View all HP LaserJet Pro 300 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 2 highlights

authenticity of the web site depends on verifying a "chain of trust" between the browser and server; the failure of the chain of trust results in the warnings. The chain of trust between the browser and the web server is established by linking the identity certificate from the web server to a Certificate Authority (CA) certificate that is installed in the browser. Commercial and public web sites will purchase and install an identity certificate from a well-known Certificate Authority such as Thawte, Verisign, Entrust etc; the issuing CA essentially makes a statement, with the certificate, that the web site is genuine. Browsers are configured by default to trust the well-known CAs and thus can establish the validity of the identity certificates presented by the web servers. An HP Laserjet cannot, by default, present credentials as robust as the identity certificates presented by a public or commercial web site. First it is a matter of scale: the logistics and expense of providing robust (signed by well-known CA) identity certificates for hundreds of thousands of devices is prohibitive. Secondly, it is a matter of configuration: since the identity of an HP Laserjet is determined by the user at installation, a certificate cannot be issued until after installation and configuration. HP Laserjet printers and MFPs, nevertheless, assure the best possible security given these constraints by creating a default self-signed certificate which assures confidentiality but does not robustly provide authenticity. (A self-signed certificate, rather than issued by a CA, is issued by the device itself, and thus cannot establish a chain of trust to a well-known CA.) If desired, an HP Laserjet can be configured to provide both robust confidentiality and authenticity by purchasing and installing an identity certificate from a well-known CA. The HP Laserjet will generate a Certificate Signing Request (or equivalently, Certificate Request) that is submitted, along with supporting identity documentation, to the CA which will return a signed certificate to be installed in the HP Laserjet. This process is detailed on pages 88ff. of the JetDirect Administrator's Guide (http://h20000.www2.hp.com/bc/docs/support/SupportManual/c01502097/c01502097.pdf). Alternatively, if security is not required, secure web communications can be disabled on the Mgmt Protocols page of the JetDirect print server by unchecking the checkbox: HP does not recommend disabling (unchecking) this feature. 2

  • 1
  • 2
  • 3
2
authenticity of the web site depends on verifying a “chain of trust” between the browser and server;
the failure of the chain of trust results in the warnings.
The chain of trust between the browser and the web server is established by linking the identity
certificate
from the web server to a
Certificate Authority
(CA) certificate that is installed in the
browser.
Commercial and public web sites will purchase and install an identity certificate from a
well-known Certificate Authority such as Thawte, Verisign, Entrust etc; the issuing CA essentially
makes a statement, with the certificate, that the web site is genuine.
Browsers are configured by
default to trust the well-known CAs and thus can establish the validity of the identity certificates
presented by the web servers.
An HP Laserjet cannot, by default, present credentials as robust as the identity certificates presented
by a public or commercial web site.
First it is a matter of scale: the logistics and expense of
providing robust (signed by well-known CA) identity certificates for hundreds of thousands of devices
is prohibitive.
Secondly, it is a matter of configuration: since the identity of an HP Laserjet is
determined by the user at installation, a certificate cannot be issued until after installation and
configuration.
HP Laserjet printers and MFPs, nevertheless, assure the best possible security given these constraints
by creating a default
self-signed
certificate which assures confidentiality but does not robustly provide
authenticity.
(A
self-signed
certificate, rather than issued by a CA, is issued by the device itself, and
thus cannot establish a chain of trust to a well-known CA.)
If desired, an HP Laserjet can be configured to provide both robust confidentiality and
authenticity by
purchasing and installing an identity certificate from a well-known CA.
The HP Laserjet will generate
a
Certificate Signing Request
(or equivalently,
Certificate Request
) that is submitted, along with
supporting identity documentation, to the CA which will return a signed certificate to be installed in
the HP Laserjet.
This process is detailed on pages 88ff. of the JetDirect Administrator’s Guide
(
).
Alternatively, if security is not required, secure web communications can be disabled on the
Mgmt
Protocols
page of the JetDirect print server by unchecking the checkbox:
HP does
not
recommend disabling (unchecking) this feature.