Skip to main content
Welcome to Virtru's support portal. As we work to make this page more accessible to screen readers, please contact us at support@virtru.com for technical support.

Virtru Private Keystore (for Google Workspace CSE): Install - First Instance Linux Server

  • Updated

 

Implementation Steps

This document will guide you through the installation steps for installing the CSE service on one host

Installation steps on CSE server

This is the installation of the CSE docker container and can be done with guidance from Virtru on a call.

Install Docker

If completed during prerequisites, you can skip to "Download and Execute Setup Script"

#Install Docker
sudo curl -sSL https://get.docker.com/ | sh
  • Create a working directory for cse and cd into that directory

     
    mkdir /var/virtru/scripts
    cd /var/virtru/scripts
  • Download the CSE setup script 
    curl -s https://api.github.com/repos/virtru/cse-install-script/releases/latest \
    | grep "browser_download_url.*sh" \
    | cut -d : -f 2,3 \
    | tr -d \" \
    | wget -qi -
  • Run the deploy script  
    sh deploy-cse-<version>.sh
  • Follow steps in the script to input the following information 
    • CSE Version (hit enter for latest version)
    • CSE Domain (FQDN of your CSE server)
      • We recommend following the format of csesrv.<yourdomain.com>
    • CSE HMAC ID (Provided by Virtru) 
    • CSE HMAC Secret (Provided by Virtru)
    • CKS option (yes if you are using a Virtru CKS)
      • CKS Domain (FQDN of your Virtru CKS server)
      • CKS HMAC ID (From your Virtru CKS server)
      • CKS HMAC Secret (From your Virtru CKS server)
    • IDP Provider (Google or Other)
      • If using "Google IdP" you will need to provide your Google OAuth Client ID string on the next step (Follow Google's official documentation linked here if using Google IdP to connect your CSE service)
      • If "Other" you will need to get the Authentication issuer IDs (from the authentication JWT) to the URL where the issuer publishes its JSON Web Keyset from your IdP provider. 
        • Auth N Key (Map of accepted Authentication issuer ids)
        • Auth N Value (URL where the issuer publishes its JSON Web keyset)
        • JWT Auth N Value (OAuth Client ID String)
  • Add your CA certs to the "/var/virtru/cse" directory 
    • cat [path-to-certificate] [path-to-intermediate-cert-1] ... [path-to-root-cert] > server.cert

    • cat [path-to-private-key] > server.key

  • Run the run script 
     sh run.sh

Google Workspace Configuration

Follow the steps to connect your CSE server to your Google Workspace.

Please refer to Google’s  official documentation when configuring your application. 

 

 

Related articles