Lexmark MS810n Embedded Web Server-Security: Administrator's Guide - Page 23

Using security features in the Embedded Web Server 23 Configuring the device for certificate information Note: This is available only in select printer models. The printer has a self‑generated certificate. For some operations (e.g. 802.1x, IPSec, etc.), the printer certificate needs to be upgraded to a certificate that has been signed by a certificate authority. The printer includes a certificate signing request that can be viewed or downloaded, which greatly facilitates the process of obtaining the signed certificate for the printer. 1 Open a Web browser, and then type the IP address or host name of the printer. 2 From the Embedded Web Server, click Settings > Security > Certificate Management > Set Certificate Defaults. Note: The Set Certificates Defaults menu allows you to update the out‑of‑the‑box information on the device with information including those that fit your organization's certificate requirements. 3 After updating all the fields that fit your organization, click Submit. For more information, see "Setting certificate defaults" on page 25. Note: The Web page refreshes and returns to the Certificate Management page. 4 Click the Device Certificate Management link. Notes: • This window allows the device administrator the ability to initiate a request for a new device certificate, delete all device certificates, and view previously installed device certificates. To view more details of an installed device certificate or delete a particular device certificate, simply click on the certificate common name link listed under the Friendly Name heading. • If this is for a new, out‑of‑the‑box device, then there will be a default self‑signed certificate to view on this page. 5 Select the link for the preferred device certificate to obtain the certificate signing request information. Notes: • You may use the default certificate link to use the default certificate created in step 2 or another named certificate. The certificate information is displayed. • Other certificates are created by selecting New, which will open a Certificate Generation Parameters page. For more information, see "Creating a new certificate" on page 24. 6 Click Download Signing Request, and then save and open the .csr file with a notepad or any other text editor. Note: The file data is displayed in a standard format that includes the base‑64 representation in the application window. Highlight and copy that information for later usage by a paste operation. 7 Leave your current Embedded Web Server page open while you open a new Web browser to the Certificate Authority Web site. 8 Follow the CA certificate request process as defined for the Certificate Authority. A sample request is shown in "Appendix B: CA‑Signed Device Certificate creation" on page 41. Note: The result of this process will be a new CA Signed Device Certificate file (in .pem format). Save this file on your computer since it will be required for the next steps. 9 From the Embedded Web Server, return to the "default" Device Certificate Management page, and then click Install Signed Certificate.