deviceTRUST 23.1.210 for Windows and deviceTRUST Client Extension 23.1.200 for IGEL OS 12 are now available.
×

Client installation on Unicon eLux devices

Import the deviceTRUST certificate chain

The deviceTRUST eLux Client is signed with a certificate that must first be trusted by both ELIAS and the eLux devices. Full details of how to import certificates into ELIAS and deploy them to eLux devices can be found by searching for ‘Organizing certificates for package validation’ within the eLux documentation. The latest deviceTRUST certificate chain can be downloaded here.

Note:
  • The import of the deviceTRUST certificate chain is only necessary when the eLux environment is configured to check the signatures of packages. However, it is good practice to ensure that the packages match the certificates.

Within ELIAS:

  • Import devicetrust-gmbh-20210321.pem into Trusted Issuer.
  • Import globalsign-extended-validation-codesigning-ca-sha256-g3-20240615.pem and globalsign-intermediate-20280128.pem into Intermediate CA.
  • Import globalsign-20280128.pem into Trusted Root CA.

Within the Scout console:

  • Deploy all of the above pem files into the /setup/cacerts/ folder of the eLux device.

Install the package

Within ELIAS:

  • Ensure that the required ‘deviceTRUST Client’ package has been imported into the package library.
  • If you’ve imported the deviceTRUST certificate chain, then check the signatures of the package.
  • Assign the ‘deviceTRUST Client’ package to the image.

For ICA support, ensure the ‘deviceTRUST ICA Client, Vx.x.x-x’ option is active under the defined package ‘deviceTRUST Client, Vx.x.x-x’. For RDP support, ensure the ‘deviceTRUST RDP Client, Vx.x.x-x’ option is active under the defined package ‘deviceTRUST Client, Vx.x.x-x’.

Enabling ICA and RDP Protocols
Enabling ICA and RDP Protocols

Within the Scout console:

  • Update your eLux devices.

To enable the RDP virtual channel, within your eLux Scout console navigate to Enterprise > [eLux version number] > Applications > RDP, and select properties, then ‘Free parameters’. Add variable ‘FreeRdpParams’ with value ‘/dvc:deviceTRUST’.

Enable RDP virtual channel
Enable RDP virtual channel

Next time you connect using ICA or RDP to a server with a licensed deviceTRUST Host, the properties of your eLux device will be available within your virtual session.

Deploy the ripe.stat root certificate

To ensure the deviceTRUST eLux client can successfully obtain whois information you will need to ensure that the required root certificate is deployed to all your eLux devices.

To obtain the root certificate, navigate to stat.ripe.net within your browser and save the certificate to disk as a base-64 encoded X. 509 file.

Obtain stat.ripe.net root certificate
Obtain stat.ripe.net root certificate

Within the Scout console select ‘Advanced device configuration\Files’ on the device container, import the certificate and deploy to your device certificate store location.