Requirements
ForgeRock supports customers using the versions specified here. Other versions and alternative environments might work as well. When opening a support ticket for an issue, however, make sure you can also reproduce the problem on a combination covered here.
Special requests
If you have a special request regarding support for a combination not listed here, contact ForgeRock at info@forgerock.com.
AM requirements
-
Web Agent supports AM 6.5 and later.
-
Web Agent requires the WebSocket protocol to communicate with AM. Both the web server and the network infrastructure must support the WebSocket protocol. For example, Apache HTTP server requires the
proxy_wstunnel_module
for proxying the WebSocket protocol.Refer to your network infrastructure and web server documentation for more information about WebSocket support.
-
Web Agent 5 introduced notable changes in the configuration. For example, if you are using custom login pages, you must enable custom login mode (org.forgerock.openam.agents.config.allow.custom.login). For more information about changes introduced in Web Agent 5, refer to the Web Agent 5 Release notes.
OpenSSL requirements
Agents require OpenSSL or the Windows built-in Secure Channel API to secure communications such as the connection to AM through the WebSocket protocol.
From Web Agent 2023.3, OpenSSL 1.1.1 or a later version is required. It is essential to upgrade if you are using an earlier version of OpenSSL.
OpenSSL 1.0.2 or a later version is required for TLSv1.2. If you have to use an
earlier, weaker cipher in your environment, configure the
org.forgerock.agents.config.tls
bootstrap property with a security protocol
other than TLSv1.2.
Operating systems | OpenSSL versions | Agent version |
---|---|---|
CentOS Red Hat Enterprise Linux Oracle Linux Ubuntu Linux |
OpenSSL 3.0.x |
2023.9, 2023.6, 2023.3, 5.10 |
OpenSSL 1.1.1 |
2023.9, 2023.6, 2023.3, 5.10, 5.9 |
|
OpenSSL 1.1.0 |
5.10, 5.9 |
|
OpenSSL 1.0.X |
5.10, 5.9 |
|
Microsoft Windows Server (1) |
OpenSSL 3.0.x |
2023.9, 2023.6, 2023.3, 5.10 |
OpenSSL 1.1.1 |
2023.9, 2023.6, 2023.3, 5.10, 5.9 |
|
OpenSSL 1.1.0 |
5.10, 5.9 |
|
OpenSSL 1.0.X |
5.10, 5.9 |
|
IBM AIX |
OpenSSL 3.0.x |
2023.9, 2023.6, 2023.3, 5.10 |
OpenSSL 1.1.1 |
2023.9, 2023.6, 2023.3, 5.10, 5.9 |
|
OpenSSL 1.1.0 |
5.10, 5.9 |
|
OpenSSL 1.0.X |
5.10, 5.9 |
|
OpenSSL 0.9.8 |
5.10, 5.9 |
(1)On Windows, Web Agent uses the Windows built-in Secure Channel API by default.
Platform requirements
32-bit architectures are not supported. |
Supported operating systems and web servers Web Agent 2023.9
Operating systems | OS versions | Web servers & minimum supported versions |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the NGINX Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 2023.6
Operating systems | OS versions | Web servers & minimum supported versions |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the Nginx Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 2023.3
Operating systems | OS versions | Web servers & minimum supported versions |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the NGINX Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 5.10
Operating systems | OS versions | Web servers & minimum supported versions |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)Support to be discontinued in a future release.
(2)The Apache HTTP Server Project does not offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP Server web agent for Windows was tested against the binaries offered by Apache Lounge
Supported operating systems and web servers Web Agent 5.9
Operating Systems | OS Versions | Web Servers & Minimum Supported Versions |
---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)Support to be discontinued in a future release.
(2)The Apache HTTP Server Project does not offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP Server web agent for Windows was tested against the binaries offered by Apache Lounge
Linux Systems requirements
-
Web Agent on Linux supports Glibc 2.17 and later versions, and is compatible with Glibc 2.14 and later versions. For Glibc versions before 2.14, contact ForgeRock Support.
-
Web Agent on Linux requires a minimum of 16 MB of shared memory for the session and policy cache, and the various worker processes. Additionally, it needs 32 KB shared memory for the logging system. Failure to provide enough shared memory may result in errors similar to the following:
2017-11-10 12:06:00.492 +0000 DEBUG [1:7521][source/shared.c:1451]am_shm_create2() about to create block-clusters_0, size 1074008064 2017-11-10 12:06:00.492 +0000 ERROR [1:7521]am_shm_create2(): ftruncate failed, error: 28
To configure additional shared memory for the session and policy cache, see Environment variables.
-
If POST data preservation is enabled, the web agent requires additional free disk space in the web agent installation directory to store the POST data cache files.
Microsoft Windows systems requirements
-
Before installing the IIS web agent, make sure that the optional Application Development component of Web Server (IIS) is installed. In the Windows Server 2012 Server Manager for example, Application Development is a component of Web Server (IIS) | Web Server.
-
Web Agent on Windows requires a minimum of 16 MB of shared memory for the session and policy cache, and the various worker processes in the system page file. Additionally, it needs 32 KB shared memory for the logging system. Failure to provide enough shared memory may result in errors similar to the following:
2017-11-10 12:06:00.492 +0000 DEBUG [1:7521][source/shared.c:1451]am_shm_create2() about to create block-clusters_0, size 1074008064 2017-11-10 12:06:00.492 +0000 ERROR [1:7521]am_shm_create2(): ftruncate failed, error: 28
To configure additional shared memory for the session and policy cache, see Environment variables.
-
If POST data preservation is enabled, the web agent requires additional free disk space in the web agent installation directory to store the POST data cache files.