External SSL Device and Proxy Accelerators
An external SSL device can run in front of Portal Server Secure Remote Access (SRA) in open mode. It provides the SSL link between the client and SRA.
The following tasks can be performed:
To Enable an External SSL Device Accelerator
-
Ensure that SRA has been installed and a gateway is running in open mode (HTTP mode).
-
Enable an HTTP Connection.
The table lists the external SSL device and proxy accelerator parameters and values.
Parameter
Value
SRA instance
default
Gateway Mode
http
Gateway Port
880
External Device/Proxy Port
443
To Configure External SSL Device Accelerators
-
Follow the instructions in the user guide to install the hardware and software packages.
-
Install the required patches, if any.
-
Configure a gateway instance to use HTTP.
-
Enter the following values in the platform.conf file:
gateway.enable.customurl=true
gateway.enable.accelerator=true
gateway.httpurl=https://external-device-URL:port-number
-
Gateway notification can be configured in two ways:
-
When the Access Manager can contact the gateway machine at port 880 (Session notifications are in HTTP), enter values in the platform.conf file.
vi /etc/opt/SUNWportal/platform.conf.default
gateway.protocol=http
gateway.port=880
-
When the Access Manager can contact the external device/proxy at port 443 (Session notifications are be in HTTPS), enter values in the platform.conf file.
vi /etc/opt/SUNWportal/platform.conf.default
gateway.host=External Device/Proxy Host Name
gateway.protocol=https
gateway.port=443
-
-
-
Make sure that the SSL device/proxy is up and running and configured to tunnel the traffic to the gateway port.
-
From a terminal window, restart the gateway:
./psadmin start-sra-instance -u amadmin -f passwordfile -N profilename -t gateway
- © 2010, Oracle Corporation and/or its affiliates