Release Notes

Anyware Trust Center

  Documentation and Downloads for Anyware Trust Center

24.03.2

Current supported release General Support

Release 24.03.2 of the Anyware Trust Center is a maintenance release which replaces and deprecates 24.03.0. It includes the following:

Added product and board serial to endpoint static properties

properties/static/serialNumber is now deprecated. Instead, properties/static/productSerialNumber and properties/static/boardSerialNumber can now be used to obtain more specific serial information for Trusted Zero Clients.

Operational certificate renewal safety

Previously, when setting renewBefore to a value greater than the lifetime of the operational certificate, the Trusted Zero Client would continually renew the op cert making the endpoint appear to be unable to connect to the Trust Center. A safety has been put in place to ensure that if invalid renewal values are set, the Trust Agent will ignore and use a reasonable default.

 

Previous release information:

Release 24.03.0 of the Anyware Trust Center includes the following:

Static IP Support

You can now configure a Trusted Zero Client's IPv4 and IPv6 settings via the Trusted Zero Client's interface, or by pushing from the Anyware Trust Center.

Support for 802.1x

With this release, you can now manually provision Trusted Zero Client devices with certificates for networks which require 802.1x authentication. The method used to do this depends on your Endpoint Management System (EMS); refer to your manufacturer's documentation for more information.

Client Firmware Version Enforcement

A new Trusted Zero Client policy has been added that allows administrators to set a desired firmware version number, and then block new sessions for any Trusted Zero Client devices that are out of date.

Setting desired/trust/policies/version to the desired version number will enforce this policy.

Support for Darksite Installations

The Anyware Trust Center can now be installed in dark sites, which do not have a connection to the public internet. Installing in a dark site requires a temporary internet-connected machine, which downloads required packages and creates an installation bundle. The installation bundle is then transferred to the dark site machine and installed. For system requirements, see Dark Site System Requirements. For installation instructions, see Dark Site Installation.

Note: OTA updates to Trusted Zero Client devices in dark sites is not supported in this release.

Details and issues

24.03

End of Support
This release is no longer supported.

Release 24.03 of the Anyware Trust Center includes the following:

Static IP Support

You can now configure a Trusted Zero Client's IPv4 and IPv6 settings via the Trusted Zero Client's interface, or by pushing from the Anyware Trust Center.

Support for 802.1x

With this release, you can now manually provision Trusted Zero Client devices with certificates for networks which require 802.1x authentication. The method used to do this depends on your Endpoint Management System (EMS); refer to your manufacturer's documentation for more information.

Client Firmware Version Enforcement

A new Trusted Zero Client policy has been added that allows administrators to set a desired firmware version number, and then block new sessions for any Trusted Zero Client devices that are out of date.

Setting desired/trust/policies/version to the desired version number will enforce this policy.

Support for Darksite Installations

The Anyware Trust Center can now be installed in dark sites, which do not have a connection to the public internet. Installing in a dark site requires a temporary internet-connected machine, which downloads required packages and creates an installation bundle. The installation bundle is then transferred to the dark site machine and installed. For system requirements, see Dark Site System Requirements. For installation instructions, see Dark Site Installation.

Note: OTA updates to Trusted Zero Client devices in dark sites is not supported in this release.

Details and issues

23.12.1

General Support

Release 23.12.1 of the Anyware Trust Center is a maintenance release which replaces and deprecates 23.12.

It includes the following:

  • Bug fixes and security updates.

Previous release information:

Release 23.12 of the Anyware Trust Center includes the following:

Endpoint Maximum Increased

Performance improvements in 23.12 allow the Anyware Trust Center to support 5,000 endpoints (previously, the maximum was 1,000).

Minimum Requirements Lowered

Performance improvements also allow the Anyware Trust Center to use half the previous vCPU and RAM specification; the Anyware Trust Center now requires at least 4 vCPUs and 16GB of RAM (previously, the minimum was 8 vCPUs and 32GB of RAM). See System Requirements for more information.

New Device Timeout Policy

You can now set a policy for the length of time that a Trusted Zero Client can remain disconnected from a Anyware Trust Center before it becomes untrusted.

Details and issues

23.12

End of Availability
This release is no longer supported.

Release 23.12 of the Anyware Trust Center includes the following:

Endpoint Maximum Increased

Performance improvements in 23.12 allow the Anyware Trust Center to support 5,000 endpoints (previously, the maximum was 1,000).

Minimum Requirements Lowered

Performance improvements also allow the Anyware Trust Center to use half the previous vCPU and RAM specification; the Anyware Trust Center now requires at least 4 vCPUs and 16GB of RAM (previously, the minimum was 8 vCPUs and 32GB of RAM). See System Requirements for more information.

New Device Timeout Policy

You can now set a policy for the length of time that a Trusted Zero Client can remain disconnected from a Anyware Trust Center before it becomes untrusted.

Details and issues

23.08

Technical Guidance

Anyware Trust Center 23.08 is a minor release that contains bug fixes, improved operating system support, and process improvements. There are no feature changes in this release.

Support added for RHEL 9 and Rocky Linux 9

This release adds support for the Anyware Trust Center on RHEL 9 and Rocky Linux 9.

Installation process improvements

We've revised our documentation and website flow to alleviate confusion around setting up the Anyware Trust Center domain name. Previously, we used the term FQDN to describe the domain name and neglected to provide examples that clarify the actions you need to take. We've changed those FQDN references to "domain name", added examples, and also added a live preview feature to the website that shows exactly which subdomains you need to configure based on your input.

Preview of the new domain preview website feature
Details and issues

23.06.1

Technical Guidance

Release 23.06.1 of the Anyware Trust Center is a maintenance release which replaces and deprecates 23.06.

It includes the following:

  • Fixes a bug that caused endpoint internationalization properties to be incorrectly validated by the Management API, resulting in an error. This has been fixed.

 

Previous release information:

This is the public release of the Anyware Trust Center.  For feature support, system requirements, and installation instructions, please refer to the Anyware Trust Center Administrators' Guide. The download script for the Anyware Trust Center is available here. Downloading the Anyware Trust Center requires a valid Anyware Trust Center subscription.

For information about Trusted Zero Clients, see the Trusted Zero Client Administrators Guide.

Details and issues

23.06

End of Availability
This release is no longer supported.

This is the public release of the Anyware Trust Center.  For feature support, system requirements, and installation instructions, please refer to the Anyware Trust Center Administrators' Guide. The download script for the Anyware Trust Center is available here. Downloading the Anyware Trust Center requires a valid Anyware Trust Center subscription.

For information about Trusted Zero Clients, see the Trusted Zero Client Administrators Guide.

Details and issues

23.04

General Support

This is a private beta release of the Anyware Trust Center. Availability of this release is by invitation; contact us for more information.

Deploying the Anyware Trust Center

These instructions will guide you through creating a VM, downloading the installer, and deploying an Anyware Trust Center on a single machine.

Deploy a VM

First, create a new VM that will host the Anyware Trust Center.

The Trust Center requires:

  • RHEL 8 or Rocky Linux 8
  • 8 vCPUs
  • 32GB RAM
  • 120GB+, with 80GB +free disk space available on /var
  • IP network accessible by your endpoints, with DNS configured as described next. The Anyware Trust Center does not support connections via raw IP addresses.

Choose an FQDN

The Trust Center requires a FQDN for connections. You'll use this value in multiple locations during setup, so record the value and be ready to copy it. 

Create DNS Records

Once the machine is up, create the following DNS A records that point to it. In each of these entries, <domain> is the FQDN you chose in the previous step.

  • trust-center.<domain>
  • endpoint-connector.<domain>
  • ota.<domain>
  • register.<domain>

In addition, if you wish to support automatic Trust Center discovery by endpoints, you will need to create a CNAME record redirecting "anywaretrustcenter" to "register.<domain>"

Download and Install the Anyware Trust Center

To install the Anyware Trust Center, you must have an account on our support site (https://help.teradici.com). You can create one from the login screen if you don't already have one.

To download the installer:

  1. Go to https://docs.teradici.com/find/product/anyware-trusted-endpoints/2023.04/anyware-trust-center
  2. If you are not already logged in, click Log in to download to log in.
  3. Click on .
  4. Accept the license agreement:
  5. Paste in your FQDN, recorded earlier, in the Trust Center Hostname (FQDN) field, and click Get installation script:

    Note: You can leave the FQDN field blank; if you do, the installation command will still be generated, but you will have to manually replace the placeholder value with the actual FQDN before executing it.
  6. Copy the entire command displayed next. There are two parts, and both are required: a curl command that downloads the installation script, and another command that executes it.

    A valid Trust Center download link will look like this: 
    curl -sSL https://dl.teradici.com/{token}/trust-center/raw/names/trust-center-tgz/versions/23.04.0/trust-center_23.04.0.tar.gz | tar -xz && sudo ./trust-center-ctl install --fqdn {trust-center-FQDN} --token {jwt token}

    Copy the entire link, which will be used on the Trust Center VM when it is set up.

    Important: The generated command is valid for 2 hours, after which installation will fail. If that occurs, return to the download page and generate a new command.

    When executed, the command will do the following:

    • Downloads the installer executable in an archive format
    • Unzips the installer
    • Runs the installer as a root user, passing in 2 required flags:
      • fqdn - the value must be a valid fully qualified domain name, and should point to the location where the Trust Center is installed.
      • token - this value is provided by support, and should not be modified. It is also only valid for 2 hours.

Installing the Anyware Trust Center

  1. On the Trust Center machine, navigate to a working directory. You can create a new one or use an existing one to install the Trust Center.
  2. Navigate to your working directory using a terminal window (command line).
  3. Paste the download link you copied previously into the terminal window and press Enter to execute it.

The installation will take up to 15 minutes to complete; there will be periods of time where the process stops printing messages to the terminal and may appear to hang. This is normal.

After Installing

Once installation is complete, you can set up your Management Console to interact and manage Trusted Zero Clients through your Trust Center.

Refer to the API documentation installed with the Trust Center for complete details.

Note: the administrator password is now automatically generated by the Trust Center installer, and has the ability to create service account keys. The Trust Center API documentation does not show this yet. The generated password is placed in a file in your installation working directory: 

<current folder>/config.yaml

global:
  images:
    registry: "docker.cloudsmith.io/teradici/trust-center"
    username: "teradici/trust-center"
    password: <repository password>
  tc:
    domain: <your domain>
    password: <this is the auto-generated password>
    endpointUpdate: 
      accessKey: <repository password>
      repository: "teradici/trusted-zero-client"

Upgrading to a New Version

To upgrade the current running installation of the Trust Center, obtain a newer download link from the website. Make sure the package version is newer than your installed version. Download links look like this:

curl -sSL https://dl.teradici.com/{a token}/trust-center/raw/names/trust-center-tgz/versions/23.04.1/trust-center_23.04.1.tar.gz

In this example, the command will download version 23.04.1 of the Trust Center.

Then:

  1. Download the new package to the same installation directory you used for your original installation.
  2. Open a terminal window and navigate to your installation directory
  3. Run the following command: 
    ./trust-center-ctl upgrade

Troubleshooting

Support Bundle

If you encounter problems while running the Anyware Trust Center, you can generate a support bundle to help us diagnose and troubleshoot the issue.  Support bundles capture the state of the Trust Center and related services and log files.

To generate a support bundle:

  1. Open a terminal window and navigate to your Trust Center installation directory.
  2. Run the following command: 
    sudo ./trust-center-ctl diagnose --support-bundle
    The support bundler will generate an archive and place it in your working directory.
  3. Provide this generated support bundle to our support team.

 

Details and issues