Enabling Secure Sockets Layer or Transport Layer Security

You can activate Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols for secure encrypted connection using RICOH ProcessDirector settings.

Before you begin this task, you must obtain a digital certificate and store it on the computer where the base product is installed on. Follow the instructions provided by the certificate authority (CA) for installing the certificate. You must also know where the keystore is located on the server and the password for the keystore.

If your server is not already using SSL or TLS, generate a new key and keystore with the keytool command.

The enabling process requires Perl to run. Before you enable SSL or TLS, make sure a Perl interpreter is installed.

  • keytool is a Java command. For details about using keytool, consult your CA or Java documentation.
  • Your private key password and keystore password must be the same. If they are not the same, you receive a java.io.IOException error.
To enable secure connection:
  1. Click the Administration tab.
  2. In the left pane, click SettingsSecurity.
  3. Set the Enable secure HTTP property to Yes.
  4. Enter values for the required fields: Keystore file, Keystore password.
  5. To be automatically redirected to the secure protocol without having to take any action, set the Redirect to secure URL property to Yes.
    • If you enable the secure connection but leave the Redirect to secure URL property set to No, you and other users are not redirected to the new URL when you try to use a link to the old URL (http://hostname:15080/pd). Make sure that everyone updates their links to use the URL from the Secure URL field.
    • The URL value that RICOH ProcessDirector uses for a secure connection is listed in the Secure URL field.
  6. Click SAVE.
  7. Restart RICOH ProcessDirector to apply the settings.
    • If Feature Manager is running, you must also restart it to apply the new settings.

If you use RICOH ProcessDirector Web services to exchange print data with other applications in your system, make sure that the client software you use to invoke the Web services supports SSL or TLS.