Install the Edge Encryption proxy server on a Windows or Linux computer using the interactive installer.

Before you begin

Note: SafeNet KeySecure keystore files are not supported by the Edge Encryption installer. To use a SafeNet KeySecure keystore, Install the Edge Encryption proxy server using the command line installer.

The Edge Encryption plugin must be installed and activated on your instance before you start this procedure. Ensure that Java version 11.0.6 or later is installed on the machine running the Edge Encryption installer.

Role required:
  • security_admin on your ServiceNow instance
  • local or domain administrator on a Windows host
  • service user with full file system access on a Linux host

About this task

After installing a new proxy server, you can run the installer again to perform tests to detect issues with an installation or modify current settings. Your options include:
  • Install New: Install a new proxy server.
  • Verify Installation: Perform tests to detect and fix issues in a previous installation.
  • Reinstall Existing: Perform tests to detect and fix issues in a previous installation and view or modify existing settings.
Note: If installing the proxy server on a Linux machine on a privileged port (port 80 or 443), you must run the installer as a root user with full file system access. To restrict file system access after the proxy server is installed, you can use the SetUID feature in the proxy installer. To enable this feature, start the installer as root or sudo root. When prompted by the installer, provide the username and usergroup of an unprivileged user. The proxy server will install with file system privileges of the given user. You can skip this step to continue the default installation with root privileges.

Procedure

Use the installer to install multiple proxies for your instance on multiple machines, ensuring that the following criteria apply:
  • All proxies must have the same encryption keys and the same RSA key pair used to digitally sign encryption configurations and rules.
  • The encryption key must be the default key configured on the instance.
  • When a proxy database is set up as part of the installation, all proxies must use the same proxy database.

    You may need a proxy database for equality-preserving encryption, order-preserving encryption, or tokenization. If you do not use any of these features, you do not need a proxy database.

What to do next

To use NVDA, an Assistive Technology screen reader designed to read accessibility-enabled Java applications built for keyboard users, see Configure a Windows 64-bit host to use 32-bit NVDA with Java applications.

After installing the Edge Encryption proxy server, Set the proxy server initial memory limit and upper bound memory limit.