Security54 Phaser 6700 Color PrinterSystem Administrator GuideSecurity CertificatesA digital certificate is a file that contains data used to verify the identity of the client or server in anetwork transaction. A certificate also contains a public key used to create and verify digital signatures.One device proves its identity to another by presenting a certificate trusted by the other device. Or, thedevice can present a certificate signed by a trusted third party and a digital signature proving itsownership of the certificate.A digital certificate includes the following data: Information about the owner of the certificate The certificate serial number and expiration date The name and digital signature of the Certificate Authority (CA) that issued the certificate A public key A purpose defining how the certificate and public key can be usedThere are three types of certificates: Device Certificate: A certificate for which the printer has a private key, and the purpose specified inthe certificate allows it to be used to prove identity. CA Certificate: A certificate with authority to sign other certificates. Trusted Certificate: A self-signed certificate from another device that you want to trust.To ensure that the printer can communicate with other devices over a secure trusted connection, bothdevices must have certain certificates installed.For protocols such as HTTPS, the printer is the server, and must prove its identity to the client Webbrowser. For protocols such as 802.1X, the printer is the client, and must prove its identity to theauthentication server, typically a RADIUS server. For features that use these protocols, perform thefollowing two tasks: Install a device certificate on the printer.Note: When you enable HTTPS, a Xerox® Device Certificate is automatically created and installed onthe printer. Install a copy of the CA certificate that was used to sign the device certificate of the printer on theother device.Protocols such as IPsec require both devices to prove their identity to each other.For features that use these protocols, perform the tasks listed under one of the following options:Option 1 Install a device certificate on the printer. Install a copy of the CA certificate that was used to sign the device certificate of the printer on theother device. Install a copy of the CA certificate that was used to sign the certificate of the other device on theprinter.