SSL Whitelisting for Gallium

Overview

The Gallium platform employs TLS encryption for all communications between the Hypervisor and Console components. Organizations deploying the Hypervisor behind firewalls with SSL inspection capabilities should whitelist specific endpoints and addresses to maintain proper functionality.

Required URLs for Whitelisting

The following domains must be accessible:

Domain	Purpose
`api.gallium.cloud`	Primary API service endpoint
`relay.gallium.cloud`	Remote VM terminal relay service
`us-k1.gallium-relay.com`	United States K1 relay
`us-k2.gallium-relay.com`	United States K2 relay
`eu-1.gallium-relay.com`	Europe region 1 relay
`au-1.gallium-relay.com`	Australia region 1 relay
`gallium.b-cdn.net`	Content delivery network for assets

IP Addresses to Whitelist

137.184.44.15
141.95.127.134

Encryption Standards

The Gallium Hypervisor implements:

TLS 1.3 protocol
Supported cipher suites:
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256

Overview​

Required URLs for Whitelisting​

IP Addresses to Whitelist​

Encryption Standards​

Overview

Required URLs for Whitelisting

IP Addresses to Whitelist

Encryption Standards