Manualshelf

HP LaserJet Enterprise MFP - CA Certificates for commercial Email services (white paper)

ManualsBrandsHP ManualsDesktopsHP Color LaserJet Enterprise M855dn Printer
12345678910
2
Abstract
Digital Sending features that use eMail servers should use an SSL-encrypted connection. When
working with commercially provided services such as Gmail, Office365, Yahoo, or even with
Enterprise services, SSL should be properly configured with the correct Certificate Authority
(CA) certificates. This bulletin gives guidance on obtaining the proper CA certificate.
Notable CA Certificates
Certificates for the following commercial services can be downloaded from the links below:
Gmail (April 2014):
https://www.geotrust.com/resources/root_certificates/certificates/Equifax_Secure_Cer
tificate_Authority.pem
Yahoo (April 2014):
https://www.digicert.com/CACerts/DigiCertAssuredIDRootCA.crt
Office365 (April 2014):
http://secure.globalsign.net/cacert/Root-R1.crt
Certificates and Certificate Authorities (CA)
The identity and authenticity of servers across a network is established by the use of identity
certificates issued by certificate authorities (CAs). A certificate authority, after independently
verifying information about a server, assembles and cryptographically signs that information to
create an identity certificate. A client later examining the server’s identity certificate can
validate it by reversing the cryptographic signature. The cryptographic key necessary to reverse
the signature is found in the CA Certificate that is distributed by the CA. The CA Certificate,
rather than being used to prove the identity of the CA, is used to prove that the certificate was
issued by the CA.
As an example, here is how a certificate comes into existence and is used:
A) A Certificate Authority, e.g. Verisign, issues a certificate to a server, e.g. www.
Amazon.com.
B) A client receives a certificate from www.Amazon.com.
C) The client uses the CA Certificate from Verisign to prove that Verisign did in fact sign the
certificate received from www.Amazon.com.
An Identity Certificate is thus tightly bound to the CA Certificate only the CA Certificate can
validate the Identity Certificate.