Thought I'd make a note of this as it's one that's bugged me for a while and I never realised the source until now.
- More than one network equipped HP printer on your network.
- Https connection to the web interface of one printer works ok
- Https connection to a different printer gives error that the certificate serial number has already been associated to a different hardware item
- Firefox in particular refuses to let you connect to any additional printers in this way.
- HP Have only created a single security certificate for all their printers so firefox throws out the bathwater and refuses to connect
- Connect to the printers using IE (it doesn't get so uppity)
- Turn off HTTPS redirect required in the network settings
- Repeat for each printer
- Use HTTP to connect to the printers from here on out.
- Use IE
- Accept certificates for session only (not permanent)
- Only ever connect to one printer during a session
- Shutdown and restart your firefox browser each time you want to go to a different printer.
Ref: The full error (minus the bit about contacting your admin)
You have recieved an invalid certificate. (snip)
Your certificate contains the same serial number as another certificate issues by the certificate authority. Please get a new certificate containing a unique serial number.
Last edited by contink; 29th April 2008 at 01:43 PM.
Lame in some respects on the part of hp but understandable in others.
As the certs are stored in firmware there are only a couple of ways around this would be to compile a new firmware image on the fly for each printer on their server and to download once for each printer. The only other way would be to include their private certificate in the firmware and have each printer generate a unique key when it is first plugged in. The issue with this method is that someone could crack open their firmware and sign certs as hp thereby opening up people who trust hp certs to be infiltrated by fake certs.
Surely there must be something in firefox's about:config page to disable this behavior though.
Couldn't you install the WebJet Admin software on a machine and view that over HTTPS? This then gives you a pretty console of all your printers - plus there's more info than some of the more basic printers/JD cards care to offer you