Using Certificates for device security

Your Brother machine supports the use of multiple security certificates allowing secure management, authentication and communication with the machine. The following security certificate features can be used with the machine.

•	SSL/TLS communication
•	IEEE 802.1x authentication
•	SSL communication for SMTP/POP3

The Brother machine supports the following certificates.

•

Pre-installed certificate

Your machine has a pre-installed certificate.

Using this certificate, you can easily use the SSL/TLS communication without creating or installing a certificate.

•

Self-signed certificate

This scan server issues its own certificate. Using this certificate, you can easily use the SSL/TLS communication without having a certificate from a CA. (See Creating and installing a certificate.)

•

Certificate from a CA

There are two methods for installing a certificate from a CA. If you already have a CA or if you want to use a certificate from an external trusted CA:

•	When using a CSR (Certificate Signing Request) from this scan server. (See How to create a CSR.)
•	When importing a certificate and a private key. (See Import and export the certificate and private key.)

•

CA certificate

If you use a CA certificate that identifies the CA (Certificate Authority) itself and owns its private key, you must import a CA certificate from the CA, prior to the configuration. (See Import and export a CA certificate.)

Note

•	If you are going to use SSL/TLS communication, we recommend that you contact your system administrator first.
•	When you reset the scan server back to its default factory settings, the certificate and the private key that are installed will be deleted. If you want to keep the same certificate and the private key after resetting the scan server, export them before resetting and re-install them. (See How to export the self-signed certificate, the certificate issued by a CA, and the private key.)

Configure certificate using Web Based Management

This feature can be configured using Web Based Management only. Follow these steps to access the configure certificate page using Web Based Management.

Start your web browser.

Type “http://machine’s IP address/” into your browser (where “machine’s IP address” is the machine’s IP address).

•	For example: http://192.168.1.2/

Click Network.

No password is required by default. Enter a password if you have set one and click

Click Security.

Click Certificate.

You can configure the certificate settings from the screen below.

Note

•	Functions that are grayed out and unlinked indicate they are unavailable.
•	For more information on configuration, see the Help text in the Web Based Management.

Page Top