Edge Encryption proxy server setup and installation Install one or more Edge Encryption proxy applications on your network. Installing a Edge Encryption proxy includes these steps. Install the Edge Encryption proxy application on a server in your network. Generate the RSA key pair for digitally signing encryption configurations and encryption rules. Install the Java Cryptography Extension (JCE), if you plan to use AES 256 encryption. If you are using a secure SSL connection, obtain a server certificate and import it to the Java KeyStore key store. If order preserving encryption types or encryption patterns are to be used, set up a MySQL database instance on a machine in your network. Set up the edgeencryption.properties configuration file. Set up each user's browser to point to an Edge Encryption proxy. Accessing the proxy server Once installation is complete, point each user's browser to an Edge Encryption proxy using the URL format: <host>:<port>. Values are determined by the host and port properties in the edgeencryption.properties file. See Edge Encryption proxy server properties. As an example with the following values: Property Example value edgeencryption.proxy.host hostname.mycompany.com edgeencryption.proxy.http.port 8081 A client will access the proxy server using the following address: http://hostname.mycompany.com:8081/. Note: DNS settings and routing rules may be used. Host and port values are determined by your network administrator. Request Edge EncryptionThe Edge Encryption plugin (com.glide.edgeencryption) is available as a separate subscription. Set up an Edge Encryption user accountThe Edge Encryption proxies connect to the instance as a user to obtain and update encryption configuration information. Create a user account for this purpose and give the edge_encryption role to the user. Download the Edge Encryption proxy applicationDownload the Edge Encryption proxy application from your instance, and then copy the ZIP file to each computer that is to run the Edge Encryption proxy server.Install the Edge Encryption proxy serverManually install multiple Edge Encryption proxy servers in your network. Stop the Edge Encryption proxyYou can stop an Edge Encryption proxy from the command line.Uninstall the Edge Encryption proxy on LinuxYou can uninstall the Edge Encryption proxy. If you are upgrading the proxy, it is not necessary to shut down and uninstall the current version. Uninstall the Edge Encryption proxy on WindowsYou can uninstall the Edge Encryption proxy. If you are upgrading the proxy, it is not necessary to shut down and uninstall the current version. Lock the proxy configurationIf you want to prevent encryption configuration changes to the proxy in production, set the proxy locked property.Set up multiple provider SSO with Edge EncryptionIf implementing multiple provider single sign-on (SSO) with Edge Encryption enabled, some users may need to log in to your instance through the Edge Encryption proxy server, while other users may not. Set up multiple provider SSO to enable logging in through the Edge Encryption proxy server URL or the instance URL. Edge Encryption proxy server propertiesThe edgeencryption.properties configuration file located in the <installation directory>/conf/ folder contains properties used to configure your environment. Using a load balancer with the Edge proxy serverYou can use a load balancer to balance the load across the proxy servers in your Edge Encryption proxy setup. However, you must either configure the environment to return responses to the load balancer instead of the proxy server and configure load balancer iRules, or run the proxy servers on the same port as the load balancer. Otherwise, users cannot view the responses to their requests.