System requirements for Creative Force

Creative Force is a cloud-based application and to use it, you as a customer, need to allow some outbounds and inbounds if you have a Firewall / Proxy.
This document below describes what is required. 

Outbound

You as a customer should allow outbound to these domains (if you have a Firewall / Proxy): 

• creativeforce.io

• 4q8cgc5u0e-log.creativeforce.io

• api.creativeforce.io

• app.creativeforce.io

• docs.creativeforce.io

• download.creativeforce.io

• help.creativeforce.io

• images.creativeforce.io

• logs.creativeforce.io

• search-api.creativeforce.io

• socket.creativeforce.io

• webhook.creativeforce.io

• www.creativeforce.io

• zip.creativeforce.io

• accounts.creativeforce.io

• s3-r-w.eu-central-1.amazonaws.com

• checkip.amazonaws.com

• kelvin-hue-download.s3.eu-central-1.amazonaws.com

• lh-euc1-files1.s3.eu-central-1.amazonaws.com

• lh-applications-release.s3.eu-central-1.amazonaws.com

• lh-applications-release.s3.amazonaws.com

• lh-uploader.log.s3.eu-central-1.amazonaws.com

• lh-applications-speedtest.s3.eu-central-1.amazonaws.com

• lh-euc1-resources.s3.eu-central-1.amazonaws.com

• zozr94bce5.execute-api.eu-central-1.amazonaws.com

• t4ral5z1b2.execute-api.eu-central-1.amazonaws.com

• gstatic.com

• www.google.com

• browser.sentry-cdn.com

• sentry.io

• creativeforce.eu.looker.com

• static-a.lookercdn.com

• static-b.lookercdn.com

• ping.looker.com

• api-iam.intercom.io

• widget.intercom.io

• nexus-websocket-a.intercom.io

• js.intercomcdn.com

• static.intercomassets.com

• downloads.intercomcdn.com

• gifs.intercomcdn.com

• intercom.com

• lh-euc1-files1.s3-accelerate.amazonaws.com

• gqj5jp8pgc.execute-api.eu-central-1.amazonaws.com

• ctp21cg5zb.execute-api.eu-central-1.amazonaws.com

• www.recaptcha.net

• fonts.gstatic.com

In order to test your system's compatibility with the above domains you can use the following test application:

System Requirements Checker

Additionally, we need outbound access to Amazon AWS services at IP ranges defined here: IPs for AWS services

Documentation: https://docs.aws.amazon.com/en_pv/general/latest/gr/aws-ip-ranges.html

Please be aware that the IPs from Amazon get updated regularly and a new JSON IP range list is populated. It’s highly unlikely that it will impact the Creative Force applications, but updates to the services can happen.

As an alternative, it can be considered to allow outbound access to:

• *.amazonaws.com

You can run the below test, to see your relative performance in connecting with our AWS S3 bucket. Reach out to your Customer Success Manager to gain credentials.

Creative Force AWS S3 Bucket Speed Test

ZEBRA Network printer

If you are using the feature “ZEBRA Network printer”, you may have to allow outbound to the address of your printer. The Printer settings can be found at https://app.creativeforce.io/settings/studio/print/printers

Depending on your settings, you may need to allow outbound to the specific IP address of the URL.

If you are using our Triad application for printing, you need to allow outbound traffic for these:

• c0ce14d0182.triad.creativeforce.io

• 127.0.0.1

Inbound

You as a customer should allow inbound from this IP address (if you have a Firewall / Proxy).

• 52.59.62.218

Notes:
This requirement is only for 

• Client delivery functionality 

• External vendor functionality. 

• Webhook

You can ignore this requirement if you don’t need these settings. 

• The Client delivery settings can be found at https://app.creativeforce.io/settings/studio/clients, section “Delivery Options”.

• The Vendor settings can be found at https://app.creativeforce.io/settings/studio/post-production 

• The Webhook settings can be found at https://app.creativeforce.io/settings/studio/developer

• Depending on your settings, you may need to open a port. For example, if you made a setting to deliver assets to a server via SFTP at port 22, then you will have to open port 22 on that server. 

• About the “Client data sources” settings: As we will never write to that data sources (we only read it) so you do not need to allow any inbound for this setting.

SSL Certificates

Customer should allow these SSL certificates:

Certificate for domain

Customer can view this certificate by going to https://app.creativeforce.io/ 

Certificate for Windows application

You can view this certificate by download our applications (HUE and Kelvin) from https://download.creativeforce.io/ 

Certificate for macOS application

You download the certificate from this link:

Creative Force macOS Certificate