How to configure Print Delivery Station to utilize a signed/trusted certificate - c06612926
Print Delivery Station (PDS) does not utilize SSL/TLS by default to receive print data. This can be updated to utilize a keystore which has had root and intermediate certificates imported into it. NOTE: If your environment includes a Print Delivery Hub, it's unlikely that job data will arrive directly to PDS. Typically, PDS will download the job data from the PDH using an outbound connection. In which case, PDH should have its listening port secured.
- Log into the PrinterOn Configuration Manager
- Navigate to Advanced - Components - Print Delivery Station
- Navigate to the PDS Security tab
Generate a New Keystore by completing all the fields on this page. The details used here will be part of your certificate details.
The Command Name (CN) value must reflect the address which you wish to secure. This should be the IP or DNS name for the server which is hosting the PDS application. Choose IP or DNS based on how your PDS is being used. If users are submitting jobs via PrintWhere , jobs may be sent directly to the PDS and therefore this address must be routable from their network.
- Use this newly created keystore to generate a CSR
- Upload your CSR to your Certificate Authority (CA)
- Download your signed certificate in PKCS 7 format from the CA
- Import the signed certificate into your keystore
- Navigate to the PDS Networking tab and enable SSL next to the Default IPP Port
- Restart your PDS service for the new certificate to take effect
- Confirm the new certificate is being used by loading https://127.0.0.1:631 from a browser on the machine hosting Print Delivery Hub. The expected response is an XML reply which contains "This server does not support this API."
631 is the default port, if this has been changed, ensure your test connection reflects the correct port