Canon SSL Configuration Server and Device

The following server and device tasks are required to configure SSL between the AccuRoute Server and Canon device.

See About Canon Device SSL Configuration for more information.

Adding the Self-Signed CA certificate to the Canon device

You must create a PFX Certificate file by using the following command in OpenSSL. See example below.

Example: openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile more.crt

Understanding the command line

Command Line Component

Description
openssl Runs OpenSSL.
pkcs12 Use the OpenSSL PKCS#12 file utility.
-export -out certificate.pfx Export and save the PFX file as certificate.pfx.
-inkey privateKey.key Use the private key file privateKey.key as the private key to combine with the certificate.
-in certificate.crt Use certificate.crt as the certificate the private key will be combined with.
-certfile more.crt Optional. Use if you have additional certificates you want to include in the PFX file.

Note: After entering the command, you need to enter and verify an export password to protect the PFX file. Remember this password! You will need it when you export the certificate and key.

Creating the PFX Certificate file

Use OpenSSL and the Command line components listed above to create the Certificate PFX file.

To create the Certificate PFX file

  1. Run OpenSSL.

  2. Type the following Command line with your certificate parameters.

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile more.crt

  1. Type the Export Password and make a note of it .

  2. Verify the Export Password.

Installing and Registering the certificate on the Canon device

Use the device's Embedded Web Server (EWS) to install and register the certificate on the Canon device.

To install and register the certificate

  1. Open the device’s EWS (Embedded Web Server) by entering the device’s IP address in your browser’s address bar.

  2. Go to Settings Registration > Management Settings > Device Management.

  3. Select Key and Certificate Settings > Register Key and Certificate.

  4. Select the PFX file and click Install.

  5. Click Register.

  6. Specify the Key name and Export password in the appropriate boxes used in creating the PFX certificate file.

  7. Click OK.

  8. Review the Certificate details and select Verify Certificate.

  9. Select Register CA Certificate.

Adding the SSL URL to the Device Group Properties

Using the Server Administrator, you must add the SSL URL to the Device Group Properties.

To add the SSL URL to the Device Group Properties

  1. Start the AccuRoute Server Administrator.
  2. Expand Devices on the Server Administrator tree.
  3. Right-click the appropriate device group and select Properties. The Device Group Properties dialog box appears.

See the Device Group Properties dialog box below.

  1. Click the Settings tab.

  2. Ensure you enter the fully qualified domain name and port number in the following format. See example below.

    3. Example: https://fully_qualified_domain_name:port_number/DeviceClient/

  3. Copy the URL.
  4. Click OK.

Adding the SSL URL to the Canon device UplandMEAPServlet

Using the UplandMEAPServlet, you must add the SSL URL to the Canon device.

To add the SSL URL to the Canon device

  1. Open the device’s EWS (Embedded Web Server) by entering the device’s IP address in your browser’s address bar.

  2. Select Basic Tools > UplandMEAPServlet.

  3. Paste the Device Group Properties URL in the Service URL box.

  4. Ensure the Device group name appears in the Group Name box.

  5. Click OK.

See also

About Canon Device SSL Configuration

Canon SSL Configuration Server Certificate Request

Canon SSL Configuration Device Client and Web API

Canon SSL Configuration XML Files