SHA-1 Certificate to Expire on May 18th

Action required to continue automatic Meter Reads and Supplies Replenishment

Effective May 18, 2019, older Xerox devices using the SHA-1 (Secure Hash Algorithm) security certificate will not be able to transmit their meter and supply usage data over the device-direct pathway. The replacement and more secure SHA-2 certificate will be required.  Customer action is needed to ensure that your automated meter reads (AMR) and automated supplies replenishment (ASR) are not disrupted.

The list of affected products that could still be using the SHA-1 certificate is available in the Security Bulletin found at

The options for each product family are specified in the bulletin:

  1. For most products, a customer-installable software upgrade will deliver the SHA-2 certificate and enable device-direct communication to continue. 
  2. All Office products can use a device manager, such as the free Xerox® Device Agent (XDA), or Xerox® CentreWare® Web Software, Xerox® Device Agent, Xerox® Device Agent Partner Edition, and Xerox® Device Manager.  (Toolsets may vary by service agreement.)  This proxy communication method will support automated meter reads and supply replenishment going forward. 

To determine if your devices are impacted, review your machines’ current software levels and compare them to the minimum SHA-2 compliant software versions stated in the bulletin.

Please perform the individual software upgrades to obtain the SHA-2 certificate and continue device-direct communication where possible. This communication method is beneficial because it provides a diagnostic payload that is used by our service agents to diagnose problems and arrive at solutions more quickly.

Customers with multiple machines impacted by this change may find it efficient to use the device manager option as a solution.  It can be setup rather quickly, and will work simultaneously with your current device-direct connections.  When SHA-1 expires, machines that have not upgraded to SHA-2 will stop communicating device-direct, but the device manager application will continue to report the devices’ meter reads and supply replenishment needs.  Visit our Remote Services online support assistant for information on how to use the device manager solution.  Customers that currently use XDA or any of the other device manager toolsets should ensure that their application is discovering all of the machines that are impacted by the SHA-1 expiration.

If you need assistance upgrading your device software, installing Xerox® Device Agent (XDA), or determining which option is appropriate for your service agreement, visit to chat with an expert, or call your local support desk. 

For more information on the connection methods and Remote Services, please consult the Security White Paper.

Not addressing this matter by May 18th could result in delayed toner shipments, and necessitate manual meter collection for billing purposes.  Please dedicate a few moments to ensure your devices are compliant with the more secure SHA-2 certificate for device direct communication, or are using the device manager pathway.

Related Posts

Receive Updates


  1. Carole Levrat May 3, 2019 - Reply

    Dear Sirs,

    Apparently for the newsletter in

    Thank you and best regards,
    Carole Levrat

    • Cheryl Otstott May 30, 2019 - Reply

      Hi Carole,
      Thank you for your comment, but I am not sure what you are asking. Please clarify or contact support for information.

Post A Comment

Your email address will not be published. Required fields are marked *

To see how we protect your personal data, view our Privacy Policy.