PrinterOn KB Powered By ePRINTit USA

Can I use a self-signed certificate with PrinterOn Enterprise? - c06361140

This article is to remind everyone, and ultimately kick off the process, of instituting some new security practices for PrinterOn Enterprise on-premise deployments.

Summary of change

Going forward, PrinterOn client software, including mobile apps, PrintWhere as well as PDS and PDG will no longer support self-signed certificates by default. And will require performing some additional steps by the administrator and user. In this era of internet communication and security breaches, saying the “bridge is secure” is not enough, we need to also guarantee that the on ramp and off ramp to that bridge is secure as well, that is the new standard.

Who and what will this affect?

Is this normal?

Yes, this is becoming the new normal. For example, HP’s MFPs use a similar method as we are proposing. Apple is making it hard and hard to actually support self-signed certificates in code as they encourage people to protect themselves.

What are the extra steps?


If a valid certificate is installed on the server no additional steps are needed.

These steps are very similar to ones used today already to install a valid certificate and known by PS and only apply if a valid certificate is not installed on the server.

This can be done by email or MDM provider

We are investigating ways to simplify the deployment without decreasing security

What is the purpose?

In short – to guarantee secure communication between clients (like the mobile apps or AirPrint ) and the PrinterOn server

Neither the client nor the server would be aware that the communication has been compromised

To confirm, as of September 2018 and mobile app version 3.6.0, in order to support mobile app submissions, a properly trusted certificate is required. Other submission methods will continue to be successful.