Machine Digital Certificate Management & Trusted Certificate AuthoritiesXerox Phaser 3635 System Administration Guide 149• Network Accounting configuration.To enable SSL on a machine, it needs to have its own digital certificate. When clients makea request to the device, it exports the certificate to provide an encrypted channel.There are 2 options available to obtain a server certificate for the machine:• Have the machine create a Self Signed Certificate• Create a request to have a Certificate Authority sign a certificate that can beuploaded to the machine.A self-signed certificate means that the machine signs its own certificate as trusted andcreates the public key for the certificate to be used in SSL encryption.A certificate from a Certificate Authority or a server functioning as a Certificate Authority(for example Windows 2000 running Certificate Services) can be uploaded to the machine.NOTE: A separate request is required for each Xerox machine.Information ChecklistEnsure that the machine is configured with the following items:1. An IP Address or Host Name must be configured on the machine.2. DNS must be enabled and configured on the machine.NOTE: This is used to set the start time for self signed certificates.Access the Machine Digital Certificate Management Screen1. At your Workstation, open the web browser, enter the IP Address of the machine inthe Address bar.2. Press [Enter].3. Click on the [Properties] tab.4. Click on the [Security] link.5. Click on the [Machine Digital Certificate] link.6. Click on [Create New Certificate].You have the option to create a Self-signed Certificate for the machine, or download arequest for a certificate to be signed by a Certificate Authority.Create a Self Signed Certificate7. Click on [Self Signed Certificate].8. Click on [Continue].9. Enter the Country Code that represents the country in which the machine is located,in the [2 Letter Country Code] box. The country code must be entered as a two-character ISO 3166 country code.If required, enter details for the [State/Province Name], [Locality Name],[Organization Name] and [Organization Unit]. Information entered for theseoptions should describe the machine as per the X500 directory scheme but can be anyvalue which is meaningful to the customer to identify the machine.