13 Security - Encryption/Digital Signature306Encryption of HTTP Communications from the Machine to a Remote Server (ClientCertificate)The SSL/TLS suite of protocols is used to encrypt HTTP communications with a remoteserver.No client certificate is typically required for this activity. However, if a remote server isset to require an SSL client certificate, an SSL/TLS client certificate must be registeredon the machine.Digital certificates imported from a Certificate Authority can be used as SSL/TLScertificates on the machine’s HTTP server.NOTE: When Remote Server Certificate Validation is enabled, under [SSL/TLSSettings] in CentreWare Internet Services, the root certificate of the remote servermust be registered to the machine (imported with Internet Services) to verify the digitalcertificate.E-mail Encryption/Digital SignatureS/MIME certificates, imported from a Certificate Authority (in PKCS7 format), can beused on the machine’s HTTP server for e-mail encryption.To import S/MIME certificates, use [Machine Digital Certificate Management] in the[Security] folder on the [Properties] page of CentreWare Internet Services.Encryption/Digital Signature of Scanned Files (PDF/XPS Documents)While no digital signatures are required to encrypt PDF and XPS documents, thesedocuments can be signed with imported PKCS12 digital signatures.When digital signatures are added to PDF or XPS documents, scan file certificatesimported to the machine from a Certificate Authority are typically used.To import PKCS12 scan file certificates, use [Machine Digital Certificate Management]in the [Security] folder on the [Properties] page of CentreWare Internet Services.IPsecIPsec (typically used to encrypt FTP) can be enabled from the [Security] folder on the[Properties] page of CentreWare Internet Services.Configuration of HTTPS (SSL/TLS) Communication EncryptionInstallation OverviewConfiguration on the MachineTwo methods are available depending on the type of certificate.- Create a self-signed certificate on the machine with CentreWare Internet Services,and enable HTTPS. This method is used primarily for server certificates.- Enable HTTPS, and import a signed certificate from a Certificate Authority using[Machine Digital Certificate Management] in the [Security] folder on the [Properties]page of CentreWare Internet Services.NOTE: To see [Certificate Management], at least one certificate must have beencreated and stored on the machine. This is one of the reasons for creating a self-signed certificate.