Skip to main content
Verify your environment meets these requirements.

Supported hardware

  • CryptoHub, 7.0.3.x or later.

Supported operating systems

  • Windows Server 2016 or later

Required infrastructure

  • A Windows server joined to your Active Directory domain that acts as the Enterprise CA.
  • A Windows server joined to your Active Directory domain that acts as the Network Device Enrollment Service (NDES) service.

Required access

  • An account on the CryptoHub with administrator permissions to deploy new services.
  • Local administrator access on the Enterprise CA and Network Device Enrollment Service (NDES) Windows Servers.

Network and firewall

  • Allow outbound TCP port 2001(default Host API port) from the Enterprise CA Windows Server to the CryptoHub, specified by FQDN (for example, cryptohub.example.com) or CIDR (for example, 10.0.0.0/24).
TLS inspection or SSL proxies can break mutual TLS handshakes. Exempt the CryptoHub FQDN(s) from inspection. Configure the CryptoHub with a FQDN so the exemption applies.