[cups.general] Encryption and certificates
Michael Sweet
msweet at apple.com
Sun Apr 29 10:13:09 PDT 2012
On Apr 29, 2012, at 8:16 AM, Nuzhna Pomoshch wrote:
> 1. Is there an example of setting up cups so that encryption is required for all printing sessions (completely separate from requiring encryption for administration)?
I don't think we have a specific example of this on the server side, but it is just the following line in cupsd.conf:
DefaultEncryption Required
You can use the following command to set it:
cupsctl DefaultEncryption=Required
This is documented in the cupsd.conf man page and online help, just not as a specific example.
> 2. Is it possible for cups to require (and again, is there an example somewhere demonstrating it) client certificates to be able to print?
Not at present. Some of the support for this was added in CUPS 1.5, but as user certificate management is still not standardized we didn't add anything for client authentication using certs. Feel free to ask for this (along with pointers to what you are using to manage the certs) in a bug report:
http://www.cups.org/str.php
Longer term we *do* want to support this and two-factor (cert + username/password, Kerberos, OAuth2, etc.) authentication.
_________________________________________________________
Michael Sweet, Senior Printing System Engineer, PWG Chair
More information about the cups
mailing list