Installing AP Connector

Installation steps

1

Execute the installer.

2

Fill the configuration form:

  • YSoft SafeQ server IP: Address of the server where a SafeQ spooler is located (usually the nearest ORS)

  • Port: TCP port of a YSoft SafeQ Server, where the YSoft SafeQ Connecter for AP Connector will try to connect for job delivery (default 9100)

  • SafeQ Open Services port: The service runs on the same port on both the CML and ORS (default: 5556)

  • Printer name: Name of the printer that will be visible on the devices which will be using the AP Connector

  • AP port: Port on which the printer will be announced (pick a port which is available and not used by other services)

images/download/attachments/54068224/Screen_Shot_2015-07-27_at_15.17.20.png

3

During installation, you will be prompted to install the Apple's Bonjour.

images/s/-3eliqb/8502/404359a7d2ab19c9c7c58d12013124a386b28257/_/images/icons/emoticons/lightbulb_on.svg NOTE: If you have already installed Bonjour Print Services in the past, just cancel the Bonjour installer and click Ignore in the error notification window.

images/download/attachments/54068224/Screen_Shot_2015-07-23_at_08.02.53.png

4

After the installation, there should be one running services:

  • YSoft AP Connector (status: Started)

images/s/-3eliqb/8502/404359a7d2ab19c9c7c58d12013124a386b28257/_/images/icons/emoticons/lightbulb_on.svg NOTE: If the services are not started, check <SAFEQ_AP_DIR>\ logs directory for any indication of errors.

Bonjour Configuration

All information regarding the options specified in the configuration file below can be found in the official Bonjour Printing Specification at https://developer.apple.com/bonjour/printing-specification/bonjourprinting-1.2.pdf.

This configuration is located in <SAFEQ_AP_DIR>\bin\connector\services\MdnsService.xml

<?xml version="1.0" encoding="utf-8" ?>
<Service xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<Name>SafeQAP-Test</Name>
<ServiceType>_ipps._tcp,_universal</ServiceType>
<Domain>local.</Domain>
<Port>8050</Port>
<AdminUrl>https://10.0.11.55</AdminUrl>
<Air>username,password</Air>
<Kind>document,photo</Kind>
<Note>YSoft SafeQ</Note>
<Pdl>application/pdf,image/jpeg,image/urf</Pdl>
<Product>(YSoft AP)</Product>
<Rp>ipp/print</Rp>
<Color>T</Color>
<Duplex>T</Duplex>
<Fax>F</Fax>
<Scan>F</Scan>
<Punch>0</Punch>
<Staple>F</Staple>
<Bind>F</Bind>
<Collate>F</Collate>
<PaperMax>legal-A4</PaperMax>
<Tls>1.2</Tls>
<Urf>V1.4,W8,SRGB24,RS600,IS1-2-3-4-5-6-7,PQ1-2-3-4-5,OB1-2-3-4-5-6-7-8-9,CP1,DM2</Urf>
<Uuid>db0def0a-40e1-11e5-a151-feff819cdc9f</Uuid>
<Qtotal>1</Qtotal>
<Ty>YSoft AP</Ty>
<TxtVers>1</TxtVers>
</Service>

AP configuration

Logging

Logs can have several level of detail. To change log level go to <SAFEQ_AP_DIR>\bin\connector\NLog.config

There is an entry where you can change the minimal log level in attribute minlevel:

<logger name="*" minlevel="Info" writeTo="logfile" />

  • To log everything, set milnevel to  Debug

  • To log errors and HTTP trafic, set milnevel to  Info

  • To log only warnings and errors, set milnevel to  Warning

  • To log only errors, set milnevel to  Error

<?xml version="1.0" encoding="utf-8" ?>
<nlog xmlns="http://www.nlog-project.org/schemas/NLog.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.nlog-project.org/schemas/NLog.xsd NLog.xsd"
autoReload="true"
throwExceptions="false"
internalLogLevel="Off" internalLogFile="c:\temp\nlog-internal.log">
<targets>
<target name="logfile" xsi:type="File" fileName="../../logs/connector.log" archiveAboveSize="20971520" archiveNumbering="Date" archiveEvery="Day" archiveFileName="../../logs/connector.{#}.log" concurrentWrites="false"
layout="${longdate} ${level:uppercase=true:padding=-5:fixedLength=true} ${threadid:padding=-2}| ${callsite:padding=-70:fixedLength=true} | ${message}${onexception:${newline}EXCEPTION\: ${exception:format=ToString}}"/>
<target name="console" xsi:type="ColoredConsole" />
</targets>
<rules>
<logger name="*" minlevel="Info" writeTo="logfile" />
<logger name="*" minlevel="Info" writeTo="console" />
</rules>
</nlog>

IP addresses and ports

To configure IP addresses and ports, go to <SAFEQ_AP_DIR>\bin\connector\ConnectorService.exe.config

In order to change SafeQ IP address, set value for "user-auth-ip" and "job-sender-ip".

To change port used by AP, set value for "ipp-port".

<add key="user-auth-ip" value="10.0.11.62" />
<add key="user-auth-port" value="9100" />
<add key="job-sender-ip" value="10.0.11.62" />
<add key="job-sender-port" value="9100" />
<add key="sos-license-ip" value="10.0.11.62" />
<add key="sos-license-port" value="5556" />
<add key="job-delivery-protocol" value="PL4" />
<add key="ipp-port" value="8050" />
<add key="allow-public-user" value="F" />
<add key="public-user-name" value="AirPrintPublic" />
<add key="public-user-password" value="AirPrintPublic" />
<add key="job-prefix" value="" />

Security Certificate

AP Connector supports secure connection by default using its own built-in security certificate. In case a custom security certificate is required, follow these steps:

1

Remove default certificate binding.

Open a command line window on the server with AP Connector and execute the following command:

netsh http delete sslcert ipport=<IP>:<port>

<IP> is usually 0.0.0.0

<port> is the port to which the certificate is bound (8050 by default)

If you are not sure, you can list all the security certificates using the following command:

netsh http show sslcert

2

Import certificate to Windows Certificate Store

The security certificate stored in Windows Certificate Store (Personal) needs to have the following Intended Purposes: Client Authentication and Server Authentication.

In case the security certificate is not yet available in Windows Certificate Store (Personal), you can import it using the below command. Personal Information Exchange (.pfx or .p12 file) is accepted for this purpose.

Windows Server 2012 and above: 

certutil.exe -importpfx "My" "yourcertificate.pfx"

Windows Server 2008:

certutil.exe -importpfx "yourcertificate.pfx"

 

3

Add certificate binding to the port

by running the following command in the command line window:

netsh http add sslcert ipport=0.0.0.0:<port> appid={214124cd-d05b-4309-9af9-9caa44b2b74a} certhash=YOURCERTHASH

The value of the "certhash" can be found following these steps:

  1. Run certlm.msc

  2. Find the desired certificate in the Personal folder and double click it

  3. Certificate hash is located in Detail page under Thumbprint label

  4. Copy the value of the Thumbprint and make sure there are no invisible characters at the start or at the end of the string (it adds an invisible character at the beginning!).

  5. Then replace YOURCERTHASH with the new value in the command

Limitations

  • Number of copies (finishing option) are supported only when AP Connector is set on ORS.

  • Page ranges are not supported.

  • Reset stored credentials are only for iOS 10 or higher.

  • Paper size can't be changed. Paper size is A4 by default. If the document contains physical size, the document is released unchanged with the original size. E.g. if you have PDF document in A3 format, it is sent to a printer as A3.

Troubleshooting

Installer

Log file of installer is located at the <SAFEQ_AP_DIR>\InstallationLog.txt. 

For better identification of the issue, click "Ignore" on any error window that pop ups during installation, it will keep the installation log intact. Clicking "Cancel" will cancel the installation process and uninstall any installed files (including the log file).

images/s/-3eliqb/8502/404359a7d2ab19c9c7c58d12013124a386b28257/_/images/icons/emoticons/lightbulb_on.svg NOTE: If the YSoft SafeQ does not have valid AP Connector license, the AP Connector will refuse any print job and display information that the YSoft SafeQ has no license. More information is in the log files located at <SAFEQ_AP_DIR>\logs\*. 

AP Connector

Log files of AP connector are located at <SAFEQ_AP_DIR>\logs.