Installing a security certificate for a web site

Before you exchange data with a secure web site, install the security certificate for that web site. The process involves downloading the certificate from the web site and adding it as a trusted certificate to your Java Virtual Machine (JVM) Trust Store.

Note: Ricoh ProcessDirector supports security certificates signed by a certificate authority. It does not support self-signed certificates.

To install a security certificate for a web site:
  1. Export the security certificate that the secure web site requires:
    1. Open a browser and navigate to the secure web site.
    2. Click the lock icon on the address bar.
    3. View the certificate and copy it to your computer.

      The steps to view and copy (or export) the security certificate differ for each browser. For detailed instructions, search the browser help system.

  2. Copy the security certificate to the Ricoh ProcessDirector primary server.
  3. On the command line of the primary server, enter this command:

    keytool -import -trustcacerts -alias name -file directorypath_filename -keystore /opt/infoprint/ippd/jre/jre/lib/security/cacerts -storepass changeit

    Replace name with a unique name for the certificate. You use the alias in keytool commands to access the certificate in the keystore.

    Replace directorypath_filename with the directory path and file name of the certificate that you copied to the server.

    The default password is changeit. To change the default password, see the Java keytool documentation about changing passwords. If the password has been changed, see your administrator to get the new password. Type it as the value of the storepass parameter.

    The system displays certificate data followed by this prompt: Trust this certificate?

  4. Enter: yes
  5. To use the certificate, restart Ricoh ProcessDirector. Enter: stopaiw -d ; startaiw
  6. If a Ricoh ProcessDirector secondary server runs steps or hosts input devices that exchange data with the web site, repeat these steps for the secondary server.