Hardware Thread, HP Printer web-interface over HTTPS in Technical; Thought I'd make a note of this as it's one that's bugged me for a while and I never realised ...
29th April 2008, 02:40 PM #1
HP Printer web-interface over HTTPS
Thought I'd make a note of this as it's one that's bugged me for a while and I never realised the source until now.
- More than one network equipped HP printer on your network.
- Https connection to the web interface of one printer works ok
- Https connection to a different printer gives error that the certificate serial number has already been associated to a different hardware item
- Firefox in particular refuses to let you connect to any additional printers in this way.
- HP Have only created a single security certificate for all their printers so firefox throws out the bathwater and refuses to connect
- Connect to the printers using IE (it doesn't get so uppity)
- Turn off HTTPS redirect required in the network settings
- Repeat for each printer
- Use HTTP to connect to the printers from here on out.
- Use IE
- Accept certificates for session only (not permanent)
- Only ever connect to one printer during a session
- Shutdown and restart your firefox browser each time you want to go to a different printer.
Ref: The full error (minus the bit about contacting your admin)
You have recieved an invalid certificate. (snip)
Your certificate contains the same serial number as another certificate issues by the certificate authority. Please get a new certificate containing a unique serial number.
Last edited by contink; 29th April 2008 at 02:43 PM.
29th April 2008, 02:53 PM #2
Lame in some respects on the part of hp but understandable in others.
As the certs are stored in firmware there are only a couple of ways around this would be to compile a new firmware image on the fly for each printer on their server and to download once for each printer. The only other way would be to include their private certificate in the firmware and have each printer generate a unique key when it is first plugged in. The issue with this method is that someone could crack open their firmware and sign certs as hp thereby opening up people who trust hp certs to be infiltrated by fake certs.
Surely there must be something in firefox's about:config page to disable this behavior though.
29th April 2008, 03:16 PM #3
Our Colour Laserjet 5500 allows you to upload your own certs + keychain bundle.
29th April 2008, 04:16 PM #4
No such luck with the Officejet line... Granted this is only the K550, K5400, L7680 I've checked so far..
Originally Posted by Geoff
29th April 2008, 04:24 PM #5
Doesn't surprise me, the 5500 is a bit of heavyweight with more bells and whistles than you can shake a stick at. Where as the officejets you mention are a little more, budget?
29th April 2008, 05:17 PM #6
Originally Posted by Geoff
Just found that the K8600 is the same as the others but has a few nice little bells over the other models.. but that's a whole other topic.
29th April 2008, 09:46 PM #7
Couldn't you install the WebJet Admin software on a machine and view that over HTTPS? This then gives you a pretty console of all your printers - plus there's more info than some of the more basic printers/JD cards care to offer you
29th April 2008, 09:57 PM #8
Sorry - https - to a printer ???
I know I'm at the loose end of the security spectrum but ...
Go on - educate me - why use https?
29th April 2008, 10:06 PM #9
By j17sparky in forum Wireless Networks
Last Post: 11th March 2008, 01:20 PM
By Quackers in forum Windows
Last Post: 29th March 2007, 09:22 AM
By Uraken in forum General Chat
Last Post: 22nd February 2007, 03:21 PM
By NetworkGeezer in forum How do you do....it?
Last Post: 21st March 2006, 12:20 PM
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)