Fuji Xerox ApeosPort-IV C5580, ApeosPort-IV C6680, ApeosPort-IV C7780, DocuCentre-IV C5580, DocuCentre-IV C6680, DocuCentre-IV C7780 Administrator Guide

Encryption and Digital Signature Features for Scan Files

Encryption and Digital Signature Features for Scan Files

Encryption and Digital Signature Overview
369
E
n
c
r
y
p
tion a
nd Digit
a
l S
i
gna
tur
e
 Se
tt
ings
13
Encrypting HTTP Communications from the Machine to a Remote Server
 (SSL/TLS Client)
The SSL/TLS protocol is used to encrypt the HTTP communications between a remote 
server and the machine.
No certificate is required in general. However, if a remote server is set to require an SSL 
client certificate, you can use a certificate issued by another CA.
When verification of server certificates is enabled to verify the SSL/TLS certificate of a 
remote server, import a certificate issued by another CA using CentreWare Internet 
Services to the machine.
 Encryption using IPSec
IPSec enables IP-level (not application-level) encrypted communications with remote 
devices.
If you select [Authenticate by Digital Signature] for [IKE Authentication Method], a 
certificate issued by another CA is required.
If you select [Authenticate by Preshared Key], no device certificate is required.
Note
• If the certificate for IPSec contains the V3 extension (keyUsage), "digitalSignature" bit must 
be asserted.
For information on IKE authentication methods, refer to "IKE Authentication Method" (P.212).
To verify the certificate of the remote device, you must register a root certificate created 
by a CA of the remote device on the machine.
Note
• To use certificates that have already been created, import them with CentreWare Internet 
Services.
 E-mail Encryption/Digital Signature
S/MIME is used for E-mail Encryption/Digital Signature. To use S/MIME on the 
machine, S/MIME certificates are used.
For an S/MIME certificate, you can use a certificate issued by another CA.
The personal certificates or the device certificates of destinations are required for 
encrypted communications.
Note
• If the certificate for S/MIME contains an "email Address" or a V3 extension (keyUsage), 
"digitalSignature" and "keyEncipherment" must be asserted. If the certificate contains v3 
extension (extendedKeyUsage), "emailProtection" must be set.
Encryption and Digital-Signature Features for Scan Files
 Encrypting PDF/DocuWorks Documents
PDF and DocuWorks documents can be encrypted and protected by a password.
For information on how to encrypt PDF and DocuWorks documents, refer to "5 Scan" > "E-mail" > 
"File Format (Selecting a File Format for Output Data)" in the User Guide.
Encryption/Digital Signature of PDF/DocuWorks/XPS Documents (ApeosPort 
Series Models Only)
Digital signatures are available for PDF, DocuWorks, and XPS documents.
To use the digital signature, a device certificate is required.
For a device certificate, you can use any registered certificates.