12 Encryption and Digital Signature Settings
324
Encryption and Digital Signature Settings
12
Configuration of Encryption using IPSec
This section describes how to encrypt communications using IPSec.
When the IKE authentication method is set to [Authenticate by Preshared Key], skip step 1
"Import and Configuration of a Certificate" and go to step 2 "Configuration on the Machine
(Configuration of IPSec)".
For IKE authentication methods, refer to "IPSec Settings" (P.167).
Installation Overview.................................................................................................................................................................. 324
Step1 Import and Configuration of a Certificate ................................................................................................................ 324
Step2 Configuration on the Machine (Configuration of IPSec).......................................................................................325
Step3 Configuration on the Computer................................................................................................................................... 326
Installation Overview
To encrypt communications using IPSec, configure the machine and your computer as
follows:
îš„ Configuration on the Machine
When [IKE Authentication Method] is set to [Authenticate by Digital Signature], configure
a certificate on the machine. No certificate is registered on the machine by factory default.
After importing a certificate, configure IPSec.
Configure the following setting to set up a certificate on the machine.
z
Configuring certificates by CentreWare Internet Services
- Enable HTTPS, and then import a certificate issued by another CA to the machine.
Note • If a certificate to be imported as an IPSec certificate contains V3 extension "KeyUsage",
"digitalSignature" bit must be asserted.
îš„ Configuration on the Computer
Configure the following settings to encrypt communications between a computer and the
machine.
z
Create an IP security policy
z
Assign the IP security policy
Step1 Import and Configuration of a Certificate
The following describes configuration procedures to set up a certificate with CentreWare
Internet Services.
To configure a certificate using CentreWare Internet Services, configure the encryption
settings for HTTP communications, and then import a certificate issued by another CA to
use it for the IPSec certificate.
Note • You cannot use a self-signed certificate created with CentreWare Internet Services for IPSec.
• The machine supports to import RSA
®
public key (up to 4096 bits).
For details on how to configure the encryption settings for HTTP communication, refer to "Configuration of HTTP
Communications Encryption" (P.322).
1
Start CentreWare Internet Services.
For more information on how to start CentreWare Internet Service, refer to "Starting CentreWare Internet Services" (P.260).
2
Import a certificate.
To Next Page
Loading...
Need help?
General
