Configuration of Encryption Using IPsec
185
Configuration of Encryption Using IPsec
When setting [Authenticate by Digital Signature] for [IKE Authentication Method] to make
IPsec communication, register a certificate with the device. No certificate is registered with
the device by factory default. Import an IPsec certificate. After importing a certificate,
configure IPsec.
When the IKE authentication method is set to [Authenticate by Preshared Key], skip the
step 1 "Certificate Arrangement" and go to step 2 "Configuration of IPsec".
For information on IKE authentication methods, refer to "[IPsec Settings]" (P.160).
You cannot import a certificate that already has been registered either as [Device Certificates] or [Other
Certificates]. Delete the registered certificate beforehand.
If a certificate to be imported as an IPsec certificate contains V3 extension "KeyUsage", "digitalSignature" bit
must be asserted.
Step1 Certificate Arrangement
To configure a certificate using CentreWare Internet Services, configure the encryption
settings for HTTP communications, and then import a certificate issued by another CA to
use it for the IPsec certificate.
You cannot use a self-signed certificate created with CentreWare Internet Services for IPsec.
The public key of the certificate that can be imported to the device shall be either of RSA
®
public key (up to
4096 bits) and ECC public key P-256/P-384/P-521.
For details on how to configure the encryption settings for HTTP communication, refer to "Configuration of
HTTP Communications Encryption" (P.183).
1
Start CentreWare Internet Services and log in to the System Administration mode.
For more information on how to start CentreWare Internet Service, refer to "Starting CentreWare Internet
Services" (P.65).
2
Click [System] on the left menu.
3
Click [Security] > [Certificate Settings] > [Import].
4
Click [Select] and select the file to import on the displayed dialog box, then click [Save].
You can also directly enter the path of the file to import.
5
Enter the password of the certificate to [Password].
6
Enter the same password as the previous step to [Retype Password].
7
Click [Start].
To Next Page
Loading...
Need help?
General
