Modules and pluginsFolder Import moduleCloud HyperExtender plugin 2019.2Additional configuration

Additional configuration

This section describes how to configure additional Cloud HyperExtender features.

Single sign-on

To use Cloud HyperExtender in an environment that is configured to use single sign-on (SSO), follow these steps below:

  1. Stop the Transact service.
  2. Go to <Ephesoft installation folder>/Application|WEB-INF/Classes/META-INF and open the applicationContext-security.xml file for editing.
  3. Add the following rule to the XML file from step 2:

    <security:http pattern=”/ws/hybridplugin/status/notify” security=”none” />

  4. Restart the Transact service.

Bring Your Own Key

The Bring Your Own Key (BYOK) feature allows customers to decrypt their own encrypted files. This feature is especially beneficial for on-premises users. BYOK provides increased security protection as it ensures that these encrypted files cannot be decrypted by anyone else but the customer. To enable this feature, contact the Transact sales team.

  • Once the BYOK feature is enabled, the feature cannot be disabled. This means that the option to have Transact provide a key is no longer an option.

  • Do not lose the encryption key. If the encryption key is lost, you cannot decrypt your files. Transact cannot decrypt files on your behalf.

  • Use an AES-256 encryption key and ensure that is encoded as a BASE64 string.

The Cloud HyperExtender plugin in Transact also tracks the page count when you use an encryption key with the BYOK feature. Once this feature is enabled and users are registered for the Transact Cloud, the page count tracking added with the BYOK feature is added to the previously allotted 1,000 pages per month for 12 months. Transact continues to provide customers with an accurate monthly page count.

Enable the BYOK feature

  1. Contact the Transact sales team to enable the feature.
  2. Generate an AES 256-bit security key.
  3. Go to the <Ephesoft installation folder>/JavaAppServer/webapps/ephesoft-cloud-client/WEB-INF/classes folder, and open the application.properties file to edit. If you have a clustered Transact environment with multiple processing servers, ensure that you edit this file on every processing server.
  4. Enter the security key from step 2 in this string of text after the equal (=) sign:

    cloud.workflow.encryption-key=<your security key>

    If the encryption key is not entered, batches will not run.

  5. Restart the Transact service.