Manually install the Edge Encryption proxy server Manually install multiple Edge Encryption proxy servers in your network. Before you begin Roles required: security_admin on your ServiceNow instance and local administrator on the host machine. If order preserving encryption types or encryption patterns are to be used, set up a MySQL database on a machine in your network if not already present. About this taskFirst, set up a single Edge Encryption proxy server. After your first proxy server is successfully running, add additional proxy servers for one instance to ensure an optimal environment. See Sizing your Edge Encryption environment to determine the number of additional proxy servers needed. Install the Edge Encryption proxy serverYou can install an Edge Encryption proxy on a 64-bit Windows or Linux computer.Create and configure the RSA key pair for the digital signatureCreate an RSA key pair that the proxy server can use to create the digital signature for signing changes to the encryption properties and configuration. Import and configure the certificate for secure SSL connectionTo use a secure SSL connection, import a server certificate and add it to the Java KeyStore.Optionally enable AES 256-bit encryptionIf you want to use AES 256-bit encryption, you must install the Java Cryptography Extension (JCE) jurisdiction policy files by copying them into each Edge Encryption proxy installation directory.Set up a keystore and encryption keysSet up the keystore and encryption keys used by the Edge Encryption proxy server.Configure encryption keys on the instanceEdge Encryption provides the tools to manage encryption keys without taking the proxy offline.Configure additional properties in the Edge Encryption properties fileAfter installing the Edge Encryption proxy server in your network and setting up your keystore and keys, configure the additional Edge Encryption properties. Configure a web proxyIf your network uses a web proxy, you can set up the Edge Encryption proxy to use the web proxy. Set the proxy server initial and upper bound memory limitsThe proxy server must have a minimum of 4 GB of RAM available (6 GB recommended). The initial and upper bound memory limits determine how much memory the proxy server can consume. Set these limits to avoid performance issues in your Edge Encryption implementation.Start the Edge Encryption proxyAfter an Edge Encryption proxy is installed and configured, you can start the proxy from the command line.Obfuscate passwords in the properties fileYou can obfuscate passwords in the edgeencryption.properties file to share the properties file without revealing clear text passwords.Manually add an additional proxyAfter the first Edge Encryption proxy is properly configured and tested, you can set up additional proxies on a Linux or Windows machine. Installing multiple proxies on the same machine is not recommended.