Contents Now Platform Capabilities Previous Topic Next Topic Install the Edge Encryption proxy server using the command line installer Subscribe Log in to subscribe to topics and get notified when content changes. ... SAVE AS PDF Selected Topic Topic & Subtopics All Topics in Contents Share Install the Edge Encryption proxy server using the command line installer Manually install multiple Edge Encryption proxy servers in your network. Before you begin Roles required: security_admin on your ServiceNow instance and local administrator on the host machine. If order preserving encryption types or encryption patterns are to be used, set up a MySQL database on a machine in your network if not already present. Note: If using Unbound Technology encryption keys with Edge Encryption, install the proxy server using the command line installer on the Unbound client machine. The Edge Encryption proxy server must run on the same machine as the Unbound technology client. About this taskFirst, set up a single Edge Encryption proxy server. After your first proxy server is successfully running, add additional proxy servers for one instance to ensure an optimal environment. See Sizing your Edge Encryption environment to determine the number of additional proxy servers needed. Install the Edge Encryption proxy server (command line installer)Install an Edge Encryption proxy on a 64-bit Windows or Linux computer.Create and configure the RSA key pair for the digital signatureCreate an RSA key pair that the proxy server can use to create the digital signature for signing changes to the encryption properties and configuration. Import and configure the certificate for secure SSL connectionTo use a secure SSL connection, import a server certificate and add it to the Java KeyStore.Enable AES 256-bit encryption256-bit encryption is more secure than 128-bit encryption, and you can optionally configure AES 256-bit encryption on the Edge Encryption proxy server host. How you enable AES 256-bit encryption depends on the Java update installed on each proxy server host.Set up a keystore and encryption keysSet up the keystore and encryption keys used by the Edge Encryption proxy server.Configure encryption keys on the instanceEdge Encryption provides the tools to manage encryption keys without taking the proxy offline.Configure additional properties in the Edge Encryption properties fileAfter installing the Edge Encryption proxy server in your network and setting up your keystore and keys, configure the additional Edge Encryption properties. Configure a web proxyIf your network uses a web proxy, you can set up the Edge Encryption proxy to use the web proxy. Set the proxy server initial memory limit and upper bound memory limitSet the initial memory limit and upper bound memory limit to specify how much memory the proxy server can consume. Set these limits to avoid performance issues in your Edge Encryption implementation.Start the Edge Encryption proxyAfter an Edge Encryption proxy is installed and configured, you can start the proxy from the command line.Obfuscate passwords in the properties fileYou can obfuscate passwords in the edgeencryption.properties file to share the properties file without revealing clear text passwords.Manually add an additional proxyAfter the first Edge Encryption proxy is properly configured and tested, you can set up additional proxies on a Linux or Windows machine. Installing multiple proxies on the same machine is not recommended. On this page Send Feedback Previous Topic Next Topic
Install the Edge Encryption proxy server using the command line installer Manually install multiple Edge Encryption proxy servers in your network. Before you begin Roles required: security_admin on your ServiceNow instance and local administrator on the host machine. If order preserving encryption types or encryption patterns are to be used, set up a MySQL database on a machine in your network if not already present. Note: If using Unbound Technology encryption keys with Edge Encryption, install the proxy server using the command line installer on the Unbound client machine. The Edge Encryption proxy server must run on the same machine as the Unbound technology client. About this taskFirst, set up a single Edge Encryption proxy server. After your first proxy server is successfully running, add additional proxy servers for one instance to ensure an optimal environment. See Sizing your Edge Encryption environment to determine the number of additional proxy servers needed. Install the Edge Encryption proxy server (command line installer)Install an Edge Encryption proxy on a 64-bit Windows or Linux computer.Create and configure the RSA key pair for the digital signatureCreate an RSA key pair that the proxy server can use to create the digital signature for signing changes to the encryption properties and configuration. Import and configure the certificate for secure SSL connectionTo use a secure SSL connection, import a server certificate and add it to the Java KeyStore.Enable AES 256-bit encryption256-bit encryption is more secure than 128-bit encryption, and you can optionally configure AES 256-bit encryption on the Edge Encryption proxy server host. How you enable AES 256-bit encryption depends on the Java update installed on each proxy server host.Set up a keystore and encryption keysSet up the keystore and encryption keys used by the Edge Encryption proxy server.Configure encryption keys on the instanceEdge Encryption provides the tools to manage encryption keys without taking the proxy offline.Configure additional properties in the Edge Encryption properties fileAfter installing the Edge Encryption proxy server in your network and setting up your keystore and keys, configure the additional Edge Encryption properties. Configure a web proxyIf your network uses a web proxy, you can set up the Edge Encryption proxy to use the web proxy. Set the proxy server initial memory limit and upper bound memory limitSet the initial memory limit and upper bound memory limit to specify how much memory the proxy server can consume. Set these limits to avoid performance issues in your Edge Encryption implementation.Start the Edge Encryption proxyAfter an Edge Encryption proxy is installed and configured, you can start the proxy from the command line.Obfuscate passwords in the properties fileYou can obfuscate passwords in the edgeencryption.properties file to share the properties file without revealing clear text passwords.Manually add an additional proxyAfter the first Edge Encryption proxy is properly configured and tested, you can set up additional proxies on a Linux or Windows machine. Installing multiple proxies on the same machine is not recommended.
Install the Edge Encryption proxy server using the command line installer Manually install multiple Edge Encryption proxy servers in your network. Before you begin Roles required: security_admin on your ServiceNow instance and local administrator on the host machine. If order preserving encryption types or encryption patterns are to be used, set up a MySQL database on a machine in your network if not already present. Note: If using Unbound Technology encryption keys with Edge Encryption, install the proxy server using the command line installer on the Unbound client machine. The Edge Encryption proxy server must run on the same machine as the Unbound technology client. About this taskFirst, set up a single Edge Encryption proxy server. After your first proxy server is successfully running, add additional proxy servers for one instance to ensure an optimal environment. See Sizing your Edge Encryption environment to determine the number of additional proxy servers needed. Install the Edge Encryption proxy server (command line installer)Install an Edge Encryption proxy on a 64-bit Windows or Linux computer.Create and configure the RSA key pair for the digital signatureCreate an RSA key pair that the proxy server can use to create the digital signature for signing changes to the encryption properties and configuration. Import and configure the certificate for secure SSL connectionTo use a secure SSL connection, import a server certificate and add it to the Java KeyStore.Enable AES 256-bit encryption256-bit encryption is more secure than 128-bit encryption, and you can optionally configure AES 256-bit encryption on the Edge Encryption proxy server host. How you enable AES 256-bit encryption depends on the Java update installed on each proxy server host.Set up a keystore and encryption keysSet up the keystore and encryption keys used by the Edge Encryption proxy server.Configure encryption keys on the instanceEdge Encryption provides the tools to manage encryption keys without taking the proxy offline.Configure additional properties in the Edge Encryption properties fileAfter installing the Edge Encryption proxy server in your network and setting up your keystore and keys, configure the additional Edge Encryption properties. Configure a web proxyIf your network uses a web proxy, you can set up the Edge Encryption proxy to use the web proxy. Set the proxy server initial memory limit and upper bound memory limitSet the initial memory limit and upper bound memory limit to specify how much memory the proxy server can consume. Set these limits to avoid performance issues in your Edge Encryption implementation.Start the Edge Encryption proxyAfter an Edge Encryption proxy is installed and configured, you can start the proxy from the command line.Obfuscate passwords in the properties fileYou can obfuscate passwords in the edgeencryption.properties file to share the properties file without revealing clear text passwords.Manually add an additional proxyAfter the first Edge Encryption proxy is properly configured and tested, you can set up additional proxies on a Linux or Windows machine. Installing multiple proxies on the same machine is not recommended.
