Using the Devolutions Cloud Services to configure the Encryption service may prove more complicated than leveraging an Azure template, but specific use cases may call for it.
For the configuration method with Azure, see Configure Devolutions Cloud Encryption service using an Azure template.
The following prerequisites are necessary to enable and configure the encryption service:
A self-hosted server to install the Devolutions Cloud Services.
A configured and active Single Sign-On (SSO) setup.
An application identity in Devolutions Cloud.
A trusted SSL certificate.
A reachable network port within the local network and, if applicable, from the internet.
Create an application identity and assign it the following system permissions:
Manage users and user groups.
Manage system configuration (includes system permissions, system settings, and IP allowlists).
If you are using an IP allowlist, the encryption service IP must be added as the allowed IP. Failure to do so will prevent the service from communicating with Devolutions Cloud, rendering it non-functional.
If you wish to use the Devolutions Cloud Services method, make sure that all requirements are fulfilled before moving forward, and plan every change in advance in order to avoid configuration issues, in which case it is better to deactivate the feature altogether while working on a fix.
Download the Devolutions Cloud Services and launch the installer.
Click Next to continue past the welcome page.
Read and accept the terms in the License Agreement, then click Next.
Under Custom Setup, select Encryption, then click Next.
Enter the following information in the corresponding fields:
the Host, which is the URL of your Devolutions Cloud.
the Application secret and Application key, which were provided to you when the application identity was initially created.
Click on Test connection. You should receive a message indicating that the connection was successful. If this is not the case, check the validity of the information you have entered and try again. If you are still experiencing connection problems, please contact our help desk technicians at service@devolutions.net.
Click Next.
Enter the URL (HTTPS is mandatory) and Port number where the encryption service will listen for incoming requests. Ensure the port is configured to be reachable.
Search for your Certificate and select it. If your certificate is protected with a password, enter it in Certificate Password.
Click Next to complete the setup.
Share your feedback