Implementation Steps
This document will guide you through the installation steps for installing the CSE service on one host
-
This document assumes you have completed the Google Admin/Console Changes.
Installation steps on CSE server
This is the installation of the CSE docker container and can be done with guidance from Virtru on a call.
Install Docker
If completed during prerequisites, you can skip to "Download and Execute Setup Script"
#Install Docker
sudo curl -sSL https://get.docker.com/ | sh
-
Create a working directory for cse and cd into that directory
mkdir /var/virtru/scripts
cd /var/virtru/scripts
-
Download the CSE setup script
curl -s https://api.github.com/repos/virtru/cse-install-script/releases/latest \
| grep "browser_download_url.*sh" \
| cut -d : -f 2,3 \
| tr -d \" \
| wget -qi - - Run the deploy script
sh deploy-cse-<version>.sh
- Follow steps in the script to input the following information
- CSE Version (hit enter for latest version)
- CSE Domain (FQDN of your CSE server)
- CSE HMAC ID (Provided by Virtru)
- CSE HMAC Secret (Provided by Virtru)
- CKS option (yes if you are using a Virtru CKS)
- CKS Domain (FQDN of your Virtru CKS server)
- CKS HMAC ID (From your Virtru CKS server)
- CKS HMAC Secret (From your Virtru CKS server)
- IDP Provider (Google or Other)
- If using "Google IdP" you will need to provide your Google OAuth Client ID string on the next step (Follow Google's official documentation linked here if using Google IdP to connect your CSE service)
- If "Other" you will need to get the Authentication issuer IDs (from the authentication JWT) to the URL where the issuer publishes its JSON Web Keyset from your IdP provider.
- Auth N Key (Map of accepted Authentication issuer ids)
- Auth N Value (URL where the issuer publishes its JSON Web keyset)
- JWT Auth N Value (OAuth Client ID String)
- Add your CA certs to the "/var/virtru/cse" directory
-
cat [path-to-certificate] [path-to-intermediate-cert-1] ... [path-to-root-cert] > server.cert
-
cat [path-to-private-key] > server.key
-
- Run the run script
sh run.sh
Google Workspace Configuration
Follow the steps to connect your CSE server to your Google Workspace.
Please refer to Google’s official documentation when configuring your application.