Embedded PDS not downloading jobs from PDH - c06353664

This is an internal solution with more details related to this Article: Some PrinterOn Embedded Agents for Samsung/Ricoh are no longer communicating with the PrinterOn Server

Changes required in PDH Listener.properties file:

• Located here: C:\ProgramData\PrinterOn Corporation\ PONData \PDH\server
• Stop the PDH Windows service
• Launch file using internal PrinterOn tool fileviewer.jar
• Locate the value "DisableTLSv1=true"
• Rename this to "DisableTLSv1=false"
• Save changes
  NOTE:
  If you have a PDH service running on the machine you're accessing fileviewer.jar from, you will need to ensure the Windows service is stopped before attempting to save
• Replace the listener.properties file on your server
• Start the PDH Windows service

Changes required in CPS' server.xml file:

• Stop CPS
• Located here: C:\Program Files (x 86)\ PrinterOn Corporation\Apache Tomcat\Conf
• Change sslEnabledProtocols so that older protocols are supported
• sslEnabledProtocols =”TLSv 1.1,TLSv1.2,TLSV1,SSLv3,SSLv2Hello”
• Save the file
• Start the Central Print Services

Confirm the changes are successful:

• Make sure the configuration for the agent reflects the PDH URL as https
• Log into embedded agent
• Click on the Test button to confirm connection to PDH is successful
• Send a test print and confirm the job is downloaded by the agent

If this still does not resolve things, it could be the agent is using an outdated Java version so you should try this:

• Stop the Central Print Services Windows service
• Delete the following file: C:\Program Files (x 86)\ PrinterOn Corporation\Apache Tomcat\bin\tcnative-1.dll
• Restart the Central Print Services Windows service.

NOTE:

Removing the tcnative-1.dll file forces the embedded agent to use the built-in version of Java security libraries instead of using OpenSSL for secure communication.

This change does not introduce a vulnerability, but does result in a lower level of security since it reduces the SSL/TLS level used during communication.

You should review the latest Java security notices before going ahead with this change, as PrinterOn has not tested all possible impacts.