Using the Devolutions Hub Services to configure the Encryption service may prove more complicated than leveraging an Azure template, but specific use cases may call for it.
For the configuration method with Azure, see Configure Devolutions Hub Encryption service using an Azure template.
The following prerequisites are necessary to enable and configure the encryption service:
A self-hosted server to install the Devolutions Hub Services.
A configured and active Single Sign-On (SSO) setup.
An application identity in your Hub.
A trusted SSL certificate.
A reachable network port within the local network and, if applicable, from the internet.
Create an application identity and assign it the following system permissions:
Manage users and user groups.
Manage system configuration (includes system permissions, system settings, and IP allowlists).
If you are using an IP allowlist, the encryption service IP must be added as the allowed IP. Failure to do so will prevent the service from communicating with the Hub, rendering it non-functional.
If you wish to use the Devolutions Hub Services method, make sure that all requirements are fulfilled before moving forward, and plan every change in advance in order to avoid configuration issues, in which case it is better to deactivate the feature altogether while working on a fix.
-
Download the Devolutions Hub Services and launch the installer.
-
Click Next to continue past the welcome page.
setup wizard welcome page -
Read and accept the terms in the License Agreement, then click Next.
Accept the terms in the License Agreement -
Under Custom Setup, select Encryption, then click Next.
Install the encryption feature -
Enter the following information in the corresponding fields:
the Host, which is the URL of your Devolutions Hub.
the Application secret and Application key, which were provided to you when the application identity was initially created.
-
Click on Test connection. You should receive a message indicating that the connection was successful. If this is not the case, check the validity of the information you have entered and try again. If you are still experiencing connection problems, please contact our help desk technicians at [email protected].
Test Connection -
Click Next.
-
Enter the URL (HTTPS is mandatory) and Port number where the encryption service will listen for incoming requests. Ensure the port is configured to be reachable.
-
Search for your Certificate and select it. If your certificate is protected with a password, enter it in Certificate Password.
URL, port, and certificate -
Click Next to complete the setup.
Give us Feedback