Need to know of the Ricoh MP C2550 supports SSL. I know the MPC 2500/3000 and MPC 3500/4500 will not. I was told the series ending with "1" (3001, 2551, etc. ) will but have also been told that the MPC2550 supports SSL as well. What does it mean when you click on the SSL under "security" and it says this : "SSL/TLS is unavailable without device certificate installation". Here is the scenario: I deliver a Ricoh MPC2500 and the guy tealls me his server is offsite (back at corporate) and cannot use a non-secure (Yahoo, Gmail, etc.) to transmit docs. because of security/liablilty issues so I tell him this machine (MPC2500) does not support SSL. I bring the machine back and tell my boss the MP2550 WILL support SLL. Still not sure if it will or not and don't know what the message "SSL/TLS is unavailable without device certificate installation". means. Any help would be apprecaited.
-
-
Re: Scan to e-mail SSL MPC2550
Unless your customer or his IT department provides you with an SSL certificate you won't be going anywhere with it. I believe you have to update it through SDM or the Web Image Manager, but I have never had a need for it... You could, as an alternative, try stunnel.
Also, you could make your own certificate. -
Re: Scan to e-mail SSL MPC2550
If you do NOT see the TLS/SSL on the touchscreen of the MFP under User Tools : System Settings : File Transfer : SMTP Server, then your machine will NOT provide SSL/TLS authentication to their server. If it does, it will be fixed to a specific port (465 I think) so if their server is a t 587, then you are still stuck. If you can see the prot # on teh touchscreen, then you can set it to the proper port. Examine a MPc3502 or older MPc3501 and you will see a differance.
That is not to say that it cannot PASS email thru their server, but they would have to make an exception in their relay options, or make a new connector for this specific MFP's IP address. This will probably not be allowed as it too is a vilolation of security principals.Comment
-
Re: Scan to e-mail SSL MPC2550
Thank you RalphS. I looked under filre transfer: SMTP:, no SSL/TLS tabs. Looks like this one does not scan to a secure server. Appreciate the help.Comment
-
Re: Scan to e-mail SSL MPC2550
Just a thought, but would the PDF encryption the device allows for scan to email be enough to meet their security standards? Yes, it's not being sent over a secure channel, but if the document itself is secure does that mitigate the risk to any extent?Comment
-
Re: Scan to e-mail SSL MPC2550
Well, you should recommend him to scan to a Secured FTP server like FILEZILLAComment
-
Re: Scan to e-mail SSL MPC2550
Turns out the customer is okay with PDF encryption. Does the machine still need a device certificate installed to use it? I have operation manuals one and two and have read through them but still very confused on how to set it up. The customer is using Hostgator for his e-mail server and I am able to send e-mails from the machine using the server name and log-in credential using port 25. Just not sure how to set up PDF encryption. Thanks in advance for any help. Will be in the office this weekend to figure it out as the delivery is on Monday.Comment
-
Re: Scan to e-mail SSL MPC2550
The device does encryption at the document level and password protects the file. No SSL or other certificates are required, but the recipient will need the password to open the file.
I don't have a machine handy so this is just going off the instructions from the manual:
At the scanner screen, for the file type, select PDF and then go to:Security Settings>Encryption>Encrypt Document. Set that to On, then choose a password, confirm it, and then choose the encryption level of either 40 bit or 128 bit (I'd recommend the latter) and then press OK twice to confirm.
Depending on how thorough you want to be, you could try saving this as a Programmed preset, but that would always use the same password. The customer's IT may want a new password to be used every time, but you can leave that up to them to determine.Comment
-
Re: Scan to e-mail SSL MPC2550
I would try creating a Gmail account, using smtp.gmail.com on port 587 which uses TLS over SSL. Also of course use SMTP authentication and all should be working just fine
Comment
-
Re: Scan to e-mail SSL MPC2550
This will not work. If a Ricoh doesn't support SSL, it also won't support TLS. The newest "02's" *might* support TLS, but definitely support SSL.Comment
-
Re: Scan to e-mail SSL MPC2550
Before you call someone out, you might want to actually try it first. Of course it works, I do it everyday and the new "02s" as you say, do support SSL as well. It's an option right below the SMTP Server address in file transfer. "Authentication using secure connection, SSL." Doesn't get much clearer than that. Also TLS will work on the "01" models also. And SSL is available on some color "01" models.Comment
-
Re: Scan to e-mail SSL MPC2550
The MPC2550 does support ssl/tsl, be sure you have the latest firmware. I'm reading the firmware history, looks like NIB ver 8.30 and web support ver 1.01 enabled ssl/tsl.
How do I enable SSL?
Follow these steps
- Open a web browser, and then enter http://(device's-address)/ in the address bar to access your device.
- Log onto the device.
- Enter the administrator user name and login password.
- Click [Configuration].
- Click [SSL/TLS] under Security settings.
The [SSL/TLS] page appears.
- Click [Enable] or [Active] for SSL/TLS.
- Click [OK].
The SSL setting is enabled.
- Log off from the device.
Note:
- If you set [Permit SSL/TLS Communication] to [Ciphertext Only], enter https://(device's address)/ to access your device.
- This procedure is used for a self-signed certificate or a certificate issued by a certificate authority.
- If a server certificate has not been installed in your device, the SSL/TLS feature is not available.
To install the server certificate in your device, follow these steps:
- Open a Web Image Monitor.
- Enter http://(address-of-device)/ in the address bar to access the printer.
- Log onto the device.
The network administrator can log on.
Enter the login user name and login password.
- Click [Configuration], and then, under [Security], click [Device Certificate].
The [Device Certificate] page appears.
- Click [Request].
- Make the necessary settings.
- Click [OK].
[Requesting] appears for [Certificate Status] in the Certificates area.
- Log off from the device.
- Apply to the certificate authority for the server certificate.
The application procedure depends on the certificate authority. For details, contact the certificate authority.
For the application, click the Web Image Monitor Details icon and use the information that appears in Certificate Details.
Note:
- Using Web Image Monitor, you can create the contents of the server certificate but you cannot send the application.
- Click [Cancel Request] to cancel the request for the server certificate.
- Open a Web Image Monitor.
About SSL
SSL is a cryptographic protocol that can be used to establish encrypted communication when using Web Image Monitor, IPP, SmartDeviceMonitor for Admin, or similar applications.
To protect data from interception, analysis, and tampering, you can install a server certificate in the device, negotiate a secure connection, and encrypt transmitted data.
How communication works with SSL
- User's computer requests SSL server certificate and public key from device.
- Device sends SSL server certificate and public key to user's computer.
- User's computer encrypts data for transmission, using public key.
- User's computer transmits encrypted data to device.
- Device decrypts data, using private key.
Note:
- To establish encrypted communication using SSL, the device must have the printer and scanner functions.
Comment
-
Re: Scan to e-mail SSL MPC2550
Hello "anothertech", I beleive that this makes the MFP's web page secure so that the http://<ip_address_of_printer> no longer work, and you need to use https:// to get to the machine. I do not beleive that this will provide the SSL/TLS funtion for authentication to the email server if the OPTION is not available on the usertools touch screen for file transfer, SMTP server.
I am on the phone with Ricoh support right now asking about scanning to Excahnge 365 which requires SSL/TLS on port 587 encryption. My current issue is on a MPc3502 which does have this feature, and the PORT shows that it is 587, and a connection test works, but email sending does not.
Ricoh provides solutions, but so far only as an added service to the base machine, thru eCopy, Globalscan, and other external solutions.Comment
-
Let us eat, drink, and be merry, because tomorrow we may die!
For all your firmware & service manual needs please visit us at:
www.copierfirmware.co.uk - www.printerfirmware.co.uk
โComment
-
Re: Scan to e-mail SSL MPC2550
the same thing happend with me but with other problems and difficultiesHello "anothertech", I beleive that this makes the MFP's web page secure so that the http://<ip_address_of_printer> no longer work, and you need to use https:// to get to the machine. I do not beleive that this will provide the SSL/TLS funtion for authentication to the email server if the OPTION is not available on the usertools touch screen for file transfer, SMTP server.
I am on the phone with Ricoh support right now asking about scanning to Excahnge 365 which requires SSL/TLS on port 587 encryption. My current issue is on a MPc3502 which does have this feature, and the PORT shows that it is 587, and a connection test works, but email sending does not Tutuapp 9apps Showbox .
Ricoh provides solutions, but so far only as an added service to the base machine, thru eCopy, Globalscan, and other external solutions.Last edited by klimbo123; 01-22-2019, 06:44 PM.Comment
Comment