Skip to main content
Skip table of contents

Communication Security

MyQ runs with secure communication (SSL) by default, but also offers three different certificate authority modes, that can be modified in MyQ, Settings, Network.

Toshiba devices require an SSL certificate for the specific Fully Qualified Domain Name (FQDN). Wildcards or Subject Alternative Name (SAN) cannot be used.

If the certificate is invalid, events, e.g. card reading or job notifications, will not work.

The error log can be viewed in the Toshiba Web UI, in Logs > View Logs > Message Log:

Error: Failed to establish the TLS session (unknown CA)

Built-in Certificate Authority

When using this mode (default), it is required to Generate new CA certificate after the configuration of the server hostname to FQDN on the MyQ web administrator interface, in Settings, Network, Communication Security.

MyQ web UI - communication security

Install the generated ca-myq.crt certificate from C:\ProgramData\MyQ\Cert to Trusted Root Certification Authorities on the server.

Upload the generated ca-myq.crt certificate from C:\ProgramData\MyQ\Cert on the Toshiba device Web UI, in Administration > Security > Certificate Management as CA Certificate (PEM).

Installing the certificate on the device web UI

Using custom certificates

In case a custom SSL certificate is uploaded in MyQ, the certificate should also be installed in device web UI and in the Trusted Root Certification Authorities on the server.

Troubleshooting

In cases that the Request host is not allowed warning message is displayed after a user logs in to the terminal, or the Access denied error message is displayed after a user is trying to use panel operations (Panel Copy or Panel Scan), an invalid certificate is used (a valid certificate has to be created for the specific FQDN).

For correct use of the certificates, the reversal DNS lookup has to be enabled on the server.

Reversal DNS lookup has to be enabled also for the cluster server address in cases that the MS Cluster high-availability solution is used.

Request host is not allowed error on the terminal
Access Denied error on the terminal

Enable unsecure communication

If SSL communication is not required, you can enable unsecure communication (not recommended) in MyQ Easy Config. Go to the Settings tab, under Web Server, enable Allow unsecure communication, and click Save.

MyQ Easy Config - Allow unsecure communication

 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close