Configure an Apache HTTP Server as a reverse proxy
This section provides an example of how to configure Apache as a reverse proxy between AM and the agent. You can use any reverse proxy that supports the WebSocket protocol.
Refer to the Apache documentation to configure Apache for load balancing and any other requirement for your environment.
Note that the communication protocol changes from HTTPS to HTTP.
In your deployed reverse proxy instance, locate the
Add the following modules required for a proxy configuration:
# Modules required for proxy LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
mod_proxy_wstunnel.somodule is required to support the WebSocket protocol used for notification between AM and the agents.
Add the proxy configuration inside the
VirtualHostcontext, and set the following directives:
<VirtualHost 192.168.1.1> ... # Proxy Config RequestHeader set X-Forwarded-Proto "https" (1) ProxyPass "/am/notifications" "ws://am.example.com:8080/am/notifications" Upgrade=websocket (2) ProxyPass "/am" "http://am.example.com:8080/am" (3) ProxyPassReverseCookieDomain "am.internal.example.com" "proxy.example.com" (4) ProxyPassReverse "/am" "http://am.example.com:8080/am" (5) ... </VirtualHost>
1 RequestHeader: If the proxy is configured for https, set to
https. Otherwise, set to
http. A later step configures AM to recognize the forwarded header and use it in the
gotoparameter, to redirect back to the Java Agent after authentication.
2 ProxyPass: Allow WebSocket traffic between AM and the Java Agent. If HTTPS is configured between the proxy and AM, use
3 ProxyPass: Allow HTTP traffic between AM and the agent. 4 ProxyPassReverseCookieDomain: Rewrite the domain string of Set-Cookie headers in this format:
internal domain (AM’s domain) public domain (proxy’s domain).
5 ProxyPassReverse: Set to the same value configured for the
Restart the reverse proxy instance.
Configure AM to recover the forwarded header configured in the reverse proxy. Also, review other configurations that may be required in an environment that uses reverse proxies. For more information, see Communication Between AM and Agents