Requirements

ForgeRock supports customers using the versions specified here. Other versions and alternative environments might work as well. When opening a support ticket for an issue, however, make sure you can also reproduce the problem on a combination covered here.

Supported operating systems and web servers

Operating systems	OS versions	Web servers & minimum supported versions
CentOS⁽¹⁾	7⁽²⁾	Apache HTTP Server 2.4 IBM HTTP Server 9 NGINX Plus R25⁽²⁾, R26, R27, R28
Red Hat Enterprise Linux Oracle Linux Amazon Linux 2	7⁽²⁾ 8 9
Ubuntu Linux	18.04 LTS⁽²⁾ 20.04 LTS 22.04 LTS
SUSE Linux Enterprise	15	Apache HTTP Server 2.4
Microsoft Windows Server	2016, 2019, 2022	Apache HTTP Server 2.4⁽³⁾ Microsoft IIS 10
IBM AIX	7	IBM HTTP Server 9.0

Operating systems

OS versions

Web servers & minimum supported versions

CentOS⁽¹⁾

7⁽²⁾

Apache HTTP Server 2.4
IBM HTTP Server 9
NGINX Plus R25⁽²⁾, R26, R27, R28

Red Hat Enterprise Linux
Oracle Linux
Amazon Linux 2

7⁽²⁾
8
9

Ubuntu Linux

18.04 LTS⁽²⁾
20.04 LTS
22.04 LTS

SUSE Linux Enterprise

Apache HTTP Server 2.4

Microsoft Windows Server

2016, 2019, 2022

Apache HTTP Server 2.4⁽³⁾
Microsoft IIS 10

IBM AIX

IBM HTTP Server 9.0

⁽¹⁾For information about which version of CentOS to use with the listed NGINX Plus, refer to the Nginx Plus documentation.
⁽²⁾Support to be discontinued in a future release.
⁽³⁾The Apache HTTP Server Project does not offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP Server web agent for Windows was tested against the binaries offered by Apache Lounge.

32-bit architectures are not supported.

AM requirements

Web Agent 2023.3 supports AM 6.5 and later.
Web Agent 2023.3 requires the WebSocket protocol to communicate with AM. Both the web server and the network infrastructure must support the WebSocket protocol. For example, Apache HTTP server requires the proxy_wstunnel_module for proxying the WebSocket protocol.

Refer to your network infrastructure and web server documentation for more information about WebSocket support.
If you are upgrading from a version earlier than 5, Web Agent 5 introduced notable changes in the configuration. For example, if you are using custom login pages, you must enable the |Enable Custom Login Mode property. For more information about changes introduced in Web Agent 5, refer to the Web Agent 5 Release notes.

OpenSSL requirements

Web Agent no longer works with OpenSSL versions lower than 1.1.1. It is essential to upgrade if you are using an earlier version.

Agents require OpenSSL or the Windows built-in Secure Channel API to be present. These libraries help to secure communications, for example, when connecting to AM using the WebSocket protocol.

Operating systems	OpenSSL versions
CentOS Red Hat Enterprise Linux Oracle Linux Ubuntu Linux	OpenSSL 1.1.1 OpenSSL 3.0.x
Microsoft Windows Server	OpenSSL 1.1.1⁽¹⁾ OpenSSL 3.0.x
IBM AIX	OpenSSL 1.1.1 OpenSSL 3.0.x

Operating systems

OpenSSL versions

CentOS
Red Hat Enterprise Linux
Oracle Linux
Ubuntu Linux

OpenSSL 1.1.1
OpenSSL 3.0.x

Microsoft Windows Server

OpenSSL 1.1.1⁽¹⁾
OpenSSL 3.0.x

IBM AIX

OpenSSL 1.1.1
OpenSSL 3.0.x

⁽¹⁾On Windows, Web Agent uses the Windows built-in Secure Channel API by default.

Other requirements

Before installing Web Agent on your platform, make sure the system meets the following requirements:

Linux systems

Web Agent on Linux supports Glibc 2.17 and later versions, and is compatible with Glibc 2.14 and later versions. For Glibc versions before 2.14, contact ForgeRock Support.
Web Agent on Linux requires a minimum of 16 MB of shared memory for the session and policy cache, and the various worker processes. Additionally, it needs 32 KB shared memory for the logging system. Failure to provide enough shared memory may result in errors similar to the following:
```
2017-11-10 12:06:00.492 +0000   DEBUG [1:7521][source/shared.c:1451]am_shm_create2() about to create block-clusters_0, size 1074008064
2017-11-10 12:06:00.492 +0000   ERROR [1:7521]am_shm_create2(): ftruncate failed, error: 28
```
To configure additional shared memory for the session and policy cache, refer to Environment variables.
If Enable POST Data Preservation is true, and POST Data Storage Directory takes its default value of web_agents/agent_type/instances/agent_n/log, the agent requires additional free disk space in the log directory to store the POST data.

Microsoft Windows systems

Before installing the IIS web agent, make sure the optional Application Development component of Web Server (IIS) is installed. In the Windows Server 2012 Server Manager for example, Application Development is a component of Web Server (IIS) | Web Server.
Web Agent on Windows requires a minimum of 16 MB of shared memory for the session and policy cache, and the various worker processes in the system page file. Additionally, it needs 32 KB shared memory for the logging system. Failure to provide enough shared memory may result in errors similar to the following:
```
2017-11-10 12:06:00.492 +0000   DEBUG [1:7521][source/shared.c:1451]am_shm_create2() about to create block-clusters_0, size 1074008064
2017-11-10 12:06:00.492 +0000   ERROR [1:7521]am_shm_create2(): ftruncate failed, error: 28
```
To configure additional shared memory for the session and policy cache, refer to Environment variables.
If Enable POST Data Preservation is true, and POST Data Storage Directory takes its default value of web_agents/agent_type/instances/agent_n/log, the agent requires additional free disk space in the log directory to store the POST data.

Special requests

If you need support for a combination not listed here, contact ForgeRock at info@forgerock.com.

Web Policy Agents 2023.3