HP LaserJet Pro Devices - Installing 2048 bit SSL certificates

services, or companies.

Introduction

A recent publication of the National Institute of Standards and Technology (NIST Special Publication 800-131A)

announced that the use of 1024 bit SSL/TLS certificates is no longer recommended and will be “disallowed” after

December 31, 2013. The publication recommends the use of 2048 bit certificates to maintain network security and

integrity. As a result, most Certificate Authorities (CAs) will no longer issue 1024 bit certificates. And, most Web

browsers will no longer honor such certificates as safe and secure. In order to avoid error messages and the risk of a

security breach, systems and devices that rely on the SSL/TLS protocols will need to have 2048 bit Certificates installed.

Most HP LaserJet printers can accept a 2048 bit certificate but some cannot generate the request needed to obtain one.

This white paper will describe methods that can be used to obtain and install a 2048 bit certificate for such products. For

Generating a Certificate Signing Request

Ordinarily, a certificate is obtained from a Certificate Authority (CA) by submitting a “Certificate Signing Request” (CSR).

This is a base 64 encoded text file which contains all the information needed by the CA to generate a certificate.

Most devices that employ the SSL/TLS protocols provide a method to accept appropriate input from the user and

generate a CSR. HP LaserJet printers are no exception. Those that support the SSL/TLS protocols include a page on their

Embedded Web Server (EWS) devoted to generating CSRs.