Install SSL Certificate

Install certificates on the Core Server to use SSL. RICOH Streamline NX supports certificates issued from Windows Local Certificate Authority, certificates issued from root certificate authorities (root CA), or intermediate certificate authorities (intermediate CA) such as Verisign, Thawte, and Entrust, in addition to self-signed certificates.

See the Microsoft website for the functional outlines and installation procedure of Windows Local Certificate Authority.

  • https://technet.microsoft.com/library/cc755071(v=ws.11).aspx

  • https://technet.microsoft.com/library/jj717285(v=ws.11).aspx

Use the following procedure to set the SSL certificate.

Number

Steps

Notes

1

Stop the RICOH Streamline NX Service

Use a user account with administrative privileges to log on to Windows, and then stop the RICOH Streamline NX service.

For details about stopping a service, refer to Stop and Restart Services.

2

Back up the system

Back up the RICOH Streamline NX system in case a problem occurs.

For details about creating a backup, refer to Backup and Restore SLNX .

3

Create a new forward lookup zone

Open the Control Panel and select Administrative Tools, then select DNS Manager. Create a new forward lookup zone.

For details, refer to the technical information from Microsoft.

4

Migrate the domain using commands

Use the rendom command to migrate the domain. Obtain Domainlist.xml, and rename the domain name.

Use the repadmin command to copy information from the existing domain.

For details, refer to the technical information from Microsoft.

5

Integrate the new domain into Active Directory

Start [Control Panel] → [Administrative Tools] → [DNS Manager] and change the type of the newly created forward lookup zone to [Active Directory-integrated]. Then, delete the forward lookup zone of the old domain.

For details, refer to the technical information from Microsoft.

6

Start the RICOH Streamline NX Service

After changing the domain, use a user account with administrative privileges to log on to Windows, and then start the RICOH Streamline NX service.

You do not have to perform this procedure if [Automatic] is selected as the startup type of the service.

  1. Go to [System] → [Server Settings] → [Networking].

  2. Select [Commercial Certificate Authority] in [Use SSL/TLS], and then enter the port number to use for SSL communication.

  3. Create a Certificate Signing Request (CSR) if there is no SSL certificate.

    When installing a full certificate, skip this step.

    1. Click [Create CSR].

    2. Specify the information required to create a CSR:

      Server Name, Organizational Unit, Organization, City or Locality, State or Province, Country Code (two alphabetical letters), Alternate Subject Names(*), and Signing Algorithm

      (*) Enter Alternate Subject Names as necessary. Alternate Subject Names may not be supported by an internal certificate authority depending on its configuration.

    3. Click [Create CSR].

    4. Copy and paste the displayed information to the form to be submitted to the CA.

    5. Store the certificate issued from the Certificate Authority.

  1. Click [Install Certificate].

  2. Select the type of certificate, click [Browse], and then select the certificate on the server or network.

When installing a full certificate including the private key, select [SSL] for [Certificate Type], and then enter the password to access the private key in [Full Certificate Password].

  1. Click [Upload].

  2. Click [Save] at the bottom of the [Networking] tab.

You are automatically logged out from the Management Console, and a new login screen using the new URL via SSL communication is displayed after 30 seconds.