If you install a DigiCert® sensor on a host that requires a proxy to communicate outside your network, you must configure the proxy client settings on the sensor so it can communicate with DigiCert® Trust Lifecycle Manager.
For Windows, you are prompted to configure proxy client settings during the install process. For other installations, or if you wish to update the proxy settings under Windows, configure and verify the proxy settings as described below.
You configure proxy client settings for a DigiCert sensor on the host system where it's installed:
From the sensor installation directory, access the config sub-directory.
Locate the file called proxy.properties. If it does not already exist, create it here. An example of this file is provided below.
Open the proxy.properties file in a text editor and configure the following parameters for proxy access:
enableProxy:
true
enables proxy access andfalse
disables it.httpsHost: IP address of the proxy server to use.
httpsHostPort: Port number for the proxy server.
httpsAuthUser: Username for authentication on the proxy server (basic authentication only), if required.
httpsAuthPassword: Password for authentication on the proxy server (basic authentication only), if required.
Restart the sensor service to encrypt the proxy passwords and upload the proxy information.
Alternatively, use the sensor
applyproxysettings
command to apply the proxy settings without restarting the sensor:Windows: change into the sensor cli subdirectory and run
applyproxysettings.bat -file ..\config\proxy.properties
Linux: change into the sensor cli subdirectory and run
./applyproxysettings.sh -file ../config/proxy.properties
Docker: use the above Linux command if running from an interactive shell, or else run
docker exec -it <container-id/name> <sensor-install-path>/cli/applyproxysettings.sh -file <sensor-install-path>/config/proxy.properties
The following is an example of the config/proxy.properties file:
enableProxy=true httpsHost=10.125.125.125 httpsHostPort=443 httpsAuthUser=system01@Admin httpsAuthPassword=mypassword
Use the sensor getproxysettings
command to verify the current proxy client settings:
Windows: Change into the sensor cli sub-directory and run
getproxysettings.bat
Linux: Change into the sensor cli sub-directory and run
./getproxysettings.sh
Docker: Use the above Linux command if running from an interactive shell, or else run
docker exec -it <container-id/name> <sensor-install-path>/cli/getproxysettings.sh