HP 635n HP Jetdirect Print Servers - How to Use 802.1X on HP Jetdirect Print S - Page 61

Understanding Certificate Chains

Get HP 635n - JetDirect IPv6/IPsec Print Server PDF manuals and user guides
UPC - 882780301016
View all HP 635n manuals
Add to My Manuals
Save this manual to your list of manuals

Page 61 highlights

Figure 21 - HP Jetdirect 802.1X Failure In other words, once 802.1X is configured and then fails on an 802.1X port, moving the Jetdirect device to a non-802.1X port is not sufficient to restore network connectivity. Depending on the product, you will either have to "cold-reset" the Jetdirect device or go into the "Security" menu in the Jetdirect control panel menu and select "802.1X", then "Reset", then power down and then power-up. In order for connectivity to be established, Jetdirect will need to be on a non-802.1X port when performing either of those two reset methods. In Appendix A: Troubleshooting 802.1X, we will cover network trace analysis for HP Jetdirect and some common errors that can be seen and diagnosed through these traces. Understanding Certificate Chains The previous example was using a single Certificate Authority that was issuing certificates directly to devices like IAS and Jetdirect. That configuration is uncommon in most customer environments. What is more common is using a hierarchy of Certificate Authorities. This hierarchy can cause some configuration headaches on Jetdirect because of Intermediate Certificate Authorities or Subordinate Certificate Authorities. Let's look at a new example shown in Figure 22. 61

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
61
Figure 21 – HP Jetdirect 802.1X Failure
In other words, once 802.1X is configured and then fails on an 802.1X port, moving the Jetdirect
device to a non-802.1X port is not sufficient to restore network connectivity.
Depending on the
product, you will either have to “cold-reset” the Jetdirect device or go into the “Security” menu in the
Jetdirect control panel menu and select “802.1X”, then “Reset”, then power down and then power-up.
In order for connectivity to be established, Jetdirect will need to be on a non-802.1X port when
performing either of those two reset methods.
In Appendix A: Troubleshooting 802.1X, we will cover network trace analysis for HP Jetdirect and
some common errors that can be seen and diagnosed through these traces.
Understanding Certificate Chains
The previous example was using a single Certificate Authority that was issuing certificates directly to
devices like IAS and Jetdirect.
That configuration is uncommon in most customer environments.
What
is more common is using a hierarchy of Certificate Authorities.
This hierarchy can cause some
configuration headaches on Jetdirect because of Intermediate Certificate Authorities or Subordinate
Certificate Authorities.
Let’s look at a new example shown in Figure 22.