Configure the reverse proxy in HTTPS mode and map the communications between the reverse proxy and the license server.
The maps are:
https://myreverseproxyname:443/DSLS/client https://mylicenseserver:4085/DSLS/client
https://myreverseproxyname:443/DSLS/admin https://mylicenseserver:4084/DSLS/admin
where myreverseproxyname is the reverse proxy hostname and mylicenseserver is the license server hostname.
Note:
All of the following configuration examples reflect the configuration of an Apache 2.4 reverse proxy, purely for illustration purposes, and are in no way intended to reflect other reverse proxy configurations.
Uncomment the following lines in the reverse proxy configuration file (httpd.conf):
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule ssl_module modules/mod_ssl.so
#Include conf/extra/httpd-ssl.conf
#Include conf/extra/httpd-default.conf
then edit the httpd-default.conf file and reset the value of the KeepAliveTimeout parameter:
KeepAliveTimeout 5
to a more appropriate value, for example:
KeepAliveTimeout 60
Add the following lines in the SSL configuration file for the reverse proxy (httpd-ssl.conf), before the </VirtualHost> tag:
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
ProxyPass /DSLS/client https://mylicenseserver:4085/DSLS/client
ProxyPassReverse /DSLS/client https://mylicenseserver:4085/DSLS/client
ProxyPass /DSLS/admin https://mylicenseserver:4084/DSLS/admin
ProxyPassReverse /DSLS/admin https://mylicenseserver:4084/DSLS/admin
where mylicenseserver is the name of your license server.
Install your own certificate or a self-signed certificate you can generate by following the instructions on this site:
http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#selfcert
This certificate will be presented by the reverse proxy to the license client and the License Administration Tool.
If you also want the License Administration Tool to be able to cross the reverse proxy, configure the License Administration Tool to point to the reverse proxy.To do so, start the License Administration Tool, and click . When the License Server Connection Parameters
dialog box appears:
specify the reverse proxy hostname (rever1dsy in our example) in
the License server name field (instead of the license server
name), and set the SSL port number (443 by default) in the Administration
port field, for example like this:
Only select the Use a proxy server option if you are
also using a forward proxy.
Note:
If you are using a failover cluster, you need to
set up three ports on the reverse proxy, corresponding to the three license servers.
For example, the DSLicSrv.txt file on each licensing client may
contain in this
case:myreverseproxy:443, myreverseproxy:444, myreverseproxy:445
Once
the reverse proxy has been implemented, the reverse proxy name appears in the
Administration tab, the Usage Per User tab
and in its detailed view.