CSRCurrent en:Commissioning
Cryptshare Server is the core component of your Cryptshare system. Please install your Cryptshare Server before installing any add-ons products. This quick start guide will help you getting started in no time. It describes the minimal steps that need to be performed to install and start up the Cryptshare Server with basic settings, which can be changed later on.
1 Selecting a platform
Cryptshare runs on a dedicated server as one of the following options:
- Cryptshare Virtual Appliance
- Cryptshare Hardware Appliance
- Self-Installed System (i.e. self-installed server on MS Windows or Linux platform)
For details, please refer to Modes of Operation and Server System Requirements. We recommend running Cryptshare as a virtual appliance which is the option that the vast majority of customers took. Please make sure that you follow the instructions below for the platform of your choice.
2 Prepare what you need
Ideally, the following steps should be performed before you start the installation and configuration of your Cryptshare Server.
URL / Subdomain / IP Address
You will need a public, static IP address for your Cryptshare Server. Also, your Cryptshare Server will need a URL under which it can be reached. Most customers decide to use a subdomain of their internet domain, e.g. `https://cryptshare.mydomain.com/` and associate this subdomain with the public IP address of the Cryptshare Server. Depending on where your Cryptshare Server is located, your Internet Service Provider or Hosting Partner will be able to provide you with a public IP address and subdomain.
SSL Certificate
In order to secure communication between clients and your Cryptshare Server and in order to provide trust into the authenticity of your server, you need an SSL certificate. Cryptshare comes with a self-signed SSL certificate which provides secure communication, but which is not regarded as trusted by the users' browsers. This self-signed certificate is pre-installed to allow you to perform all first-time configuration steps through a secure connection, but it is not designed for productive use. In order to provide trust into the authenticity of your server for your users and eliminate corresponding warning messages in the browser, you need to purchase a commercial SSL certificate and install it on the Cryptshare Server or use an existing wildcard certificate which you may already own. For more information, please refer to the section SSL Certificate.
Firewall Ports
The Cryptshare Server communicates with users and other servers over certain ports. These ports need to be opened by your firewall administrator to allow the required communication to and from the server. See section Network Configuration for details.
Configure Mail Server for Relaying
Cryptshare Server sends notifications to users and administrators via email. Most customers let the Cryptshare Server relay these messages through an existing mail server or mail gateway as this eliminates the risk of these messages being rated as SPAM. However, this requires the mail server to be configured to accept messages from the Cryptshare Server. The responsibility for setting up the mail server accordingly may lie with another team in your company. Make sure to have that setting in place before you take your server online. The IP address and/or network name of the Cryptshare Server may be required to configure the mail server accordingly. Please refer to the documentation of your mail server to configure relaying.
Define Administrators
It is mandatory to configure the email address of a user or a user group as administrators of the Cryptshare Server. Cryptshare Server will send notifications to this email address in case of available updates, warnings or errors. Without an administrator email address, the configuration cannot be completed. Decide which email address should be used and set up a user group in your mail server directory if required.
Virtual Appliance
Go to https://www.cryptshare.com/en/support/vm-build-service/ to build your machine using our VM Build Service. You will receive a download link for your pre-configured VM within 15 minutes. Import the machine into your VMware environment. You will find more details about the installation and management of Cryptshare VMs here.
Hardware Appliance
Hardware Appliances can be obtained from our sales partners. They are shipped pre-configured for your network. If you have a hardware appliance, you are ready to proceed with the step "Start up your Cryptshare Server".
Self-Installed Systems
- If you want to self-install Cryptshare on a physical or virtual platform of your choice, go to https://login.cryptshare.com/en/portal/, create a user account and download the corresponding software installer from there.
- Install the Cryptshare Software as described in the section Installation - Self-Installed Systems
4 Create and set storage locations for temp, retention and backup folders
Cryptshare can use up to three different storage locations to save temporary files, the transfer payload and backups. These storage locations should be sized according to your requirements and have to be configured in the Cryptshare Server. If you have a hardware appliance, you can skip this step as these folders are pre-configured in terms of size and location. If you are running a Virtual Appliance or Self-Installed System, please follow the steps below.
- The retention folder is the folder where the payload of the system is stored, i.e. the encrypted files and messages that are being transferred from A to B reside in this folder until they are automatically deleted at the end of the retention time.
- The backup folder is a folder into which you can back up your system configuration, transfer meta data and the transfer data itself. For more information refer to Backup & Restore.
`suggested retention folder size in MByte = ((expected average number of transfers per day) * (expected average transfer size in MByte) * (maximum planned retention time)) * 1.25` This will provide enough space for your transfer data, for the temporary directory and also if you want to back up the system configuration and transfer meta information to this disk.
If you want to backup transfer data as well, you will have multiply the space by a factor (x+1) where x is the number of backups of the transfer data you want to keep. However, it is recommended to backup data to a location outside the Cryptshare Server as otherwise, you will lose your productive data and your backup data in case of a disk failure.Virtual Appliance
When we create the Virtual Machine for you in our VM Build Service, we do not want you to download a vast empty store, so we keep the store of the download file small and you will have to add a disk to your VM to save temporary files, transfer data and backups.
- Configure Cryptshare to use an additional disk for saving transfer data ("upload directory") as described in Installation (Chapter "Extend available disk space for Cryptshare transfers").
- To configure Cryptshare to use the additional disk for temporary files, please refer to System Startup Configuration.
- To use the additional disk as target directory for backups, please refer to Backup & Restore.
Hardware Appliance
When using a Hardware Appliance, the system is already configured to use the available disk space for temporary files, transfer data and backups (optional). To see the current specification of our hardware appliances, please refer to https://www.cryptshare.com/en/operation-modes/cryptshare-hardware-appliance/.
Self-Installed Systems
Please refer to the documentation of your operating system to learn how to add a disk or directory and set the size for it.
- Configure Cryptshare to use the additional disk for saving transfer data ("upload directory") as described in Transfer Settings.
- To configure Cryptshare to use the additional disk for temporary files, please refer to System Startup Configuration.
- To use the additional disk as target directory for backups, please refer to Backup & Restore.
Virtual Appliance
- Start up the virtual machine from your vSphere console.
- The Cryptshare daemon will start up automatically during machine start-up.
- Fore more details on starting or stopping the Cryptshare daemon, please refer to the section Cryptshare Service.
Hardware Appliance
- Make sure your Hardware Appliance is connected to power and network.
- Use the front-side button to start the Hardware Appliance.
- The Cryptshare daemon will start up automatically during machine start-up.
- Fore more details on starting or stopping the Cryptshare daemon, please refer to the section Cryptshare Service.
Self-Installed Systems
Start up your server as described in the section Installation - Self-Installed Systems
6 Install your SSL certificate
Install the SSL certificate you have purchased. For details about SSL certificates and the installation procedure, please refer to Setting up an SSL Certificate.
7 Install your licence key
A licence key is required to use the Cryptshare Server. Until the licence key is successfully installed, you can only work with administration interface of Cryptshare, but the user interface will remain deactivated. The licence key is a file named "cs\_license.txt" which we will have provided to you either as a test licence or productive licence.
Virtual Appliance
Depending on whether or not you have uploaded a licence key in our VM Build Service, the Virtual Appliance is shipped with or without a licence key installed. Please refer to the System Status section on the General to check if a licence key is installed and the registered domain(s) and the licence term are correct. If no licence key is installed, please refer to Importing the Cryptshare License Key.
Hardware Appliance
Usually our Hardware Appliances are shipped with your licence key pre-installed. Please refer to the System Status section on the General to check if a licence key is installed and the registered domain(s) and the licence term are correct. If no licence key is installed, please refer to Importing the Cryptshare License Key.
Self-Installed Systems
When you self-install a Cryptshare Server, you need to obtain a Cryptshare Licence Key from your Cryptshare reseller or directly from us. Install the licence key as described in the section Importing the Cryptshare License Key.
8 First-time configuration
Follow the steps described in the section First-Time Configuration.
- Make sure to click the "Save settings" button at the end of each configuration page as settings will not be saved if you just leave the page.
9 Check for updates
We frequently update the Cryptshare Server to provide functional improvements, but also to maintain a high level of security. Sometimes, updates may have become available in the time since you downloaded your installers or VM image files or since the Hardware Appliance has been produced. To make sure you benefit from the latest version, check if updates are available and if so, install them now. The section Updates describes how you can check for updates and install them. Repeat the process until Cryptshare Server does not show you any further available updates as in some cases, you cannot update directly to the latest version as the installation routines of intermediate version perform important update steps.
Congratulations!
You are now ready to use Cryptshare Server! Users from inside and outside your business can use the Cryptshare Web Interface now to exchange secure email messages and large files.
Further steps you might want to take...
Customize the user interface, notifications and language packs
You can modify the look of the web user interface of Cryptshare Server as well as the design of the email notifications to reflect your corporate design. Further information can be found here:
- Customization of web interface and notifications.
- Creation and Modification of Language Packages of language packs
Set up the Policy to tailor Cryptshare to your business needs
By default, based on the rules which are build into the licence key and which have been created in step 5, Cryptshare Server will allow all of your employees to communicate with everybody inside or outside your business and vice versa. However, no third parties can use your system to communicate with each other. A member of your licenced email domain has to be either the sender or the recipient of a transfer being performed using your Cryptshare Server. You can (but do not have to) apply further rules and definitions concerning who can or cannot use your system by setting up further Policy Rules. However this step is not required to start using the server.
Set up MS Outlook or IBM Notes integration for best user experience
You may want to proceed with installing our email integration options. Here are a few helpful links for further reading:
Allow your business applications to send secure emails and large files
You may want to proceed with integrating Cryptshare into other business applications, allowing them to send messages and large files securely via Cryptshare rather than vie email. Welcome
Further helpful links
Cryptshare Knowledge Base Cryptshare Support