Configure a sensor to use a proxy server for communications

For a scan to run successfully, its sensor must be able to communicate with the CertCentral cloud service to receive instructions associated with certificate discovery and to report on certificate inventory updates.

Problem

You installed the DigiCert Sensor on a computer that requires a proxy server to communicate outside your network. Now, the sensor can’t relay its findings back to Discovery in your CertCentral account preventing you from seeing the results of the scan.

Solution

Configure the DigiCert Sensor to use a proxy server so it can communicate with Discovery in your CertCentral account allowing you to see the results of the scan.

Before you begin

  • Have experience working with the proxy server's operating system
  • Have administrative permissions

Configure the sensor to use a proxy

  1. On the computer you installed the sensor on, use a text editor (such as vi or Notepad) to create a proxy.properties file with these configuration settings:

Setting Description
enableProxy To enable proxy access: true enables proxy access and false disables proxy access
httpHost IP address of the proxy server used for HTTP communication
httpHostPort Port number the proxy server uses for HTTP communications
httpAuthUser Username required to authenticate the HTTP proxy (Basic Authentication only) – If required
httpAuthPassword Password required to authenticate to the HTTP proxy (Basic Authentication only) – If required
httpsHost IP address of the proxy server used for HTTPS communication
httpsHostPort Port number the proxy server uses for HTTPS communications
httpsAuthUser Username required to authenticate the HTTPS proxy (Basic Authentication only) – If required
httpsAuthPassword Password required to authenticate to the HTTPS proxy (Basic Authentication only) – If required
For example 
enableProxy=true
enableProxy=true
httpHost=123.123.123.123
httpHostPort=80
httpAuthUser=mypassword
httpAuthPassword=system01@Admin
httpsHost=125.125.125.125
httpsHostPort=443
httpsAuthUser=mypassword
httpsAuthPassword=system02@Admin

  1. Add the configuration file to: install_dir/config/proxy.properties

  1. Restart the sensor to encrypt the proxy passwords and upload the proxy information.

    In the examples below, install_dir is the sensor installation directory

    Linux

    Go to install_dir/cli and run the ./restart.bat command.

    Windows

    Go to install_dir/cli and run the restart.bat command.

What's next

The sensor can now use the proxy server to relay its findings back to Discovery in your CertCentral account so you can see the results of the scan.

Related topics:

About

DigiCert is the world's leading provider of scalable TLS/SSL, IoT and PKI solutions for identity and encryption. The most innovative companies, including 89% of the Fortune 500 and 97 of the 100 top global banks, choose DigiCert for its expertise in identity and encryption for web servers and Internet of Things devices. DigiCert supports TLS and other digital certificates for PKI deployments at any scale through its certificate lifecycle management solution, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and market-leading security solutions. For the latest DigiCert news and updates, visit digicert.com or follow @digicert.

©2020 DigiCert, Inc. All rights reserved. DigiCert, its logo and CertCentral are registered trademarks of DigiCert, Inc. Norton and the Checkmark Logo are trademarks of NortonLifeLock Inc. used under license. Other names may be trademarks of their respective owners.