Installing the Proxy
Installation of the Proxy is carried out in several steps.
These installation instructions apply to Windows and UNIX.
| Component |
Required memory per 1000 connected agents |
| Client |
~ 115 MB |
| Server |
~ 115 MB |
Use the program UCYBCRYP.EXE to decrypt the file proxy.jar.ucc. You will find it in the folder IMAGE:\TOOLS\ENCRYPT in the Automation Engine folder. Now call the program through the command line with the following parameters:
UCYBCRYP.EXE -d -f proxy.jar.ucc -l License file
The license file is supplied together with the Automation Engine itself (customer number.TXT).
The result is the file proxy.jar.
Before attempting the decryption process, please verify that the relevant entry for PROXY is included in the license file.
2. Java Runtime
Use the following command to check the Java VM version:
java -version
Pay attention to the correct order of the Java directories in the %PATH% (Windows) and $PATH (UNIX) environment variable if multiple JREs or SDKs are installed. The first Java VM is always used.
The Compatibility Matrix informs you about the Java version you require. You can download the latest version from http://java.oracle.com.
3. Installing the Proxy
The following actions are required to operate two instances of the Proxy: the client Proxy and the server Proxy.
This installation step must be performed on the computer on which the client Proxy should run as well as on each computer on which the server Proxy should run.
- Create a dedicated directory for the Proxy. For example (Windows): "C:\Automic\Proxy\bin".
- Copy the delivered files to this directory.
It is only necessary to copy the *.ini file to the client Proxy directory. The server Proxy does not require an *.ini file.
4. Creating the SSL Certificate
SSL encryption is required for the connections between client and server Proxy. To do so, you must create a certificate. Connections between client and server Proxy are only accepted if both have the same certificate.
SSL authentication is required for the connections between client and server Proxy and cannot be deactivated.
To create the SSL certificate:
- Use the Java keytool in the bin folder of the Java program directory to create a self-signed certificate.
Example:
C:\Program Files\Java\jre7\bin\keytool.exe
- The following command creates the keystore.jks file that saves a certificate, which is valid for 365 days. The KeyStore file is protected by the password "passwd."
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass passwd -validity 365
-keysize 2048
The password for the keystore.jks may be encrypted, using the UCYBCRYP.EXE from the Utilities in Automation Engine
- Next, answer the questions about the company and press ENTER to confirm.
Example:
What is your first and last name?
[Unknown]: www.automic.com
What is the name of your organizational unit?
[Unknown]: Development
What is the name of your organization?
[Unknown]: Automic
What is the name of your city or town?
[Unknown]: Vienna
What is the name of your state or province?
[Unknown]: Vienna
What is the two-letter country code for this unit?
[Unknown]: AT
Is CN=www.automic.com, OU=Development, O=Automic, L=Vienna, ST=Vienna, C=AT
correct?
[no]: yes
Enter key password for <selfsigned>
(RETURN if same as KeyStore password):
You shouldn't use a certificate or key here that is part of your company's key infrastructure. The data typed by the user at this point is not being verified.
After the connection is established, the parties use a negotiated secret key for symmetric encryption. Any malicious party that obtains the certificate after the connection is set up, won't be able to decrypt the communication, as the symmetric key is random and renegotiated on each SSL connection setup.
5. Configuring the Client Proxy
6. Starting the Server Proxy
Start the Proxy instance running on the agent side, APIs, etc. (= server Proxy) by using the following command line parameters:
- servicePort=
Port of the Proxy server to which the client Proxy connects. If this parameter is not specified, the default port 4321 is automatically used.
- keyStore=
Path and name of the KeyStore file
- keyStorePwd=
KeyStore file password
Example:
java -cp proxy.jar com.uc4.proxy.Server -keyStore=keystore.jks -keyStorePwd=passwd -servicePort=4321
7. Starting the Client Proxy (as an agent)
Do one of the following:
- Start the Proxy instance on the CP side (= client Proxy) without entering command line parameters.
Example:
java -jar proxy.jar
- Alternatively, you can specify the path to the proxy.ini file using the parameter -I, if you should wish to store the file in a different location.
Example:
java -jar proxy.jar -Imy_proxy.ini
If you do not specify the location, the INI file will be expected in the same directory as the .jar file of the Proxy.
The client Proxy creates a log file immediately after starting and determines whether it is possible to establish a connection to a communication process (CP). The client Proxy connects to the server Proxy upon successful connection to the CP.
Use the Automic ServiceManager to start the client Proxy and the server Proxy as a service.
As of v2.0, starting the client Proxy will result in a so-called technical connection to the AE system. This means, the client Proxy connects as an agent to the AE system and the respective communication process. This change has the advantage that all online client Proxies are visible in the Administration perspective of the AE in the agent section.