An external SSL device can run in front of Portal Server Secure Remote Access (SRA) in open mode. It provides the SSL link between the client and SRA.
The following tasks can be performed:
Ensure that SRA has been installed and a gateway is running in open mode (HTTP mode).
Enable an HTTP Connection.
The table lists the external SSL device and proxy accelerator parameters and values.
Parameter |
Value |
---|---|
SRA instance |
default |
Gateway Mode |
http |
Gateway Port |
880 |
External Device/Proxy Port |
443 |
Follow the instructions in the user guide to install the hardware and software packages.
Install the required patches, if any.
Configure a gateway instance to use HTTP.
Enter the following values in the platform.conf file:
gateway.enable.customurl=true
gateway.enable.accelerator=true
gateway.httpurl=https://external-device-URL:port-number
Gateway notification can be configured in two ways:
When the Access Manager can contact the gateway machine at port 880 (Session notifications are in HTTP), enter values in the platform.conf file.
vi /etc/opt/SUNWportal/platform.conf.default
gateway.protocol=http
gateway.port=880
When the Access Manager can contact the external device/proxy at port 443 (Session notifications are be in HTTPS), enter values in the platform.conf file.
vi /etc/opt/SUNWportal/platform.conf.default
gateway.host=External Device/Proxy Host Name
gateway.protocol=https
gateway.port=443
Make sure that the SSL device/proxy is up and running and configured to tunnel the traffic to the gateway port.
From a terminal window, restart the gateway:
./psadmin start-sra-instance -u amadmin -f passwordfile -N profilename -t gateway |