Installing the Proxy

As a system administrator, you install the Proxy Client and Server. These installation instructions apply to Windows and UNIX.

Notes:

You must install the Proxy on each computer on which the Proxy Client or Server will run.
Check which Java version you require. For more information, see Compatibility Information.
Use the ServiceManager to start the Proxy Client and Server as a service. as a service. For more information, see ServiceManager.

This page includes the following:

Overview

The Proxy application allows administrators to combine the communication process (CP) connections of the components of the Automation Engine (such as agents, AWI instances, APIs) into one connection and reverse the direction in which the connection was set up.

SSL encryption and authentication are required for the connections between Proxy Client and Server. These connections are only accepted if both have the same certificate. SSL authentication cannot be deactivated.

Installation Procedure

Check the Java VM version using java -version.

If multiple JREs or SDKs are installed, pay special attention to the correct order of the Java directories in the %PATH% (Windows) and $PATH (UNIX) environment variable. The first Java VM is always used.
Create a dedicated directory for the Proxy (for example, in Windows, C:\Automic\Proxy\bin) and copy the delivered files into the directory.

Important! Copy the INI file only to the Proxy Client directory. The Proxy Server does not require an INI file. For more information, see Proxy INI file.
Create the SSL certificate.
1. Use the Java keytool in the bin folder of the Java program directory to create a self-signed certificate.
2. The following command creates the keystore.jks file that saves a certificate, which is valid for 365 days. The KeyStore file is protected by the password passwd.
3. Enter the company information.
  
  Important! Do not use a certificate or key that is part of your company's key infrastructure, as the data is not verified at this point. After the connection is established, the parties use a negotiated secret key for symmetric encryption. Any malicious party that obtains the certificate after the connection is set up, is not able to decrypt the communication, as the symmetric key is random and renegotiated on each SSL connection setup.
Configure the Proxy Client.
- In the [GLOBAL] section, define the server (Proxy Server) and routing ports:
  - serverProxy=4321
  - routingPort=2217
- Optionally, link Proxy pairs using the [OTHER_SP_LIST] section or define Proxy segments using the segment= parameter in the [GLOBAL] section of the INI file. For more information, see About Proxy.
Start the Proxy Server (instance running on the agent, API, etc.) using the following command line parameters:
- servicePort= Port of the Proxy Server to which the Proxy Client connects. If this parameter is not specified, the default port 4321 is automatically used.
- keyStore= Path and name of the KeyStore file
- keyStorePwd= KeyStore file password
Example:

java -cp proxy.jar com.uc4.proxy.Server -keyStore=keystore.jks -keyStorePwd=passwd -servicePort=4321
Start the Proxy Client as an agent without entering command line parameters.

Example

java -jar proxy.jar

If no other location has been specified, the INI file is located in the same directory as the JAR file of the Proxy. Use the parameter -I to store the INI file in a different location.

Example

java -jar proxy.jar -Imy_proxy.ini

Upon starting, the Proxy Client creates a log file and tries to establish a connection to a communication process (CP). If the connection to the CP is successful, the Proxy Client connects to the Proxy Server.

Note: Starting the Proxy Client results in a technical connection to the AE system. This means that the Proxy Client connects as an agent to the AE system and the respective communication process (CP). All Proxy Clients that are online are visible on the Agent page in the Administration perspective.