Encryption and Digital Signature Overview
Encrypting HTTP Communications from the Machine to a Remote Server
The SSL/TLS protocol is used to encrypt the HTTP communications between a remote
server and the machine.
No certificate is required in general. However, if a remote server is set to require an SSL
client certificate, you can use a certificate issued by another CA.
When verification of server certificates is enabled to verify the SSL/TLS certificate of a
remote server, import a certificate issued by another CA using CentreWare Internet
Services to the machine.
Encryption using IPSec
IPSec enables IP-level (not application-level) encrypted communications with remote
If you select [Authenticate by Digital Signature] for [IKE Authentication Method], a
certificate issued by another CA is required.
If you select [Authenticate by Preshared Key], no device certificate is required.
• If the certificate for IPSec contains the V3 extension (keyUsage), "digitalSignature" bit must
For information on IKE authentication methods, refer to "IKE Authentication Method" (P.212).
To verify the certificate of the remote device, you must register a root certificate created
by a CA of the remote device on the machine.
• To use certificates that have already been created, import them with CentreWare Internet
E-mail Encryption/Digital Signature
S/MIME is used for E-mail Encryption/Digital Signature. To use S/MIME on the
machine, S/MIME certificates are used.
For an S/MIME certificate, you can use a certificate issued by another CA.
The personal certificates or the device certificates of destinations are required for
• If the certificate for S/MIME contains an "email Address" or a V3 extension (keyUsage),
"digitalSignature" and "keyEncipherment" must be asserted. If the certificate contains v3
extension (extendedKeyUsage), "emailProtection" must be set.
Encryption and Digital-Signature Features for Scan Files
Encrypting PDF/DocuWorks Documents
PDF and DocuWorks documents can be encrypted and protected by a password.
For information on how to encrypt PDF and DocuWorks documents, refer to "5 Scan" > "E-mail" >
"File Format (Selecting a File Format for Output Data)" in the User Guide.
Encryption/Digital Signature of PDF/DocuWorks/XPS Documents (ApeosPort
Series Models Only)
Digital signatures are available for PDF, DocuWorks, and XPS documents.
To use the digital signature, a device certificate is required.
For a device certificate, you can use any registered certificates.