Requirements
ForgeRock supports customers using the versions specified here. Other versions and alternative environments might work as well. When opening a support ticket for an issue, however, make sure you can also reproduce the problem on a combination covered here.
Special requests
If you have a special request regarding support for a combination not listed here, contact ForgeRock at info@forgerock.com.
AM requirements
-
Web Agent supports AM 6.5 and later.
-
Web Agent requires the WebSocket protocol to communicate with AM. Both the web server and the network infrastructure must support the WebSocket protocol. For example, Apache HTTP server requires the
proxy_wstunnel_modulefor proxying the WebSocket protocol.Refer to your network infrastructure and web server documentation for more information about WebSocket support.
-
Web Agent 5 introduced notable changes in the configuration. For example, if you are using custom login pages, you must enable custom login mode (org.forgerock.openam.agents.config.allow.custom.login). For more information about changes introduced in Web Agent 5, refer to the Web Agent 5 Release notes.
SSL requirements
To secure communications such as the connection to AM through the WebSocket protocol, agents require OpenSSL or the Windows built-in Secure Channel API.
To define the protocol versions allowed in your environment, configure the Security Protocol List.
TLS requirements
| Agent version | Supported and enabled by default | Supported but disabled by default |
|---|---|---|
2024.3 |
TLSv1.3, TLSv1.2 |
TLSv1.1, TLSv1.0 |
2023.11 |
TLSv1.3, TLSv1.2 |
TLSv1.1, TLSv1.0, SSLv3(1) |
2023.9 |
TLSv1.3, TLSv1.2 |
TLSv1.1, TLSv1.0, SSLv3 |
2023.6 |
TLSv1.3, TLSv1.2 |
TLSv1.1, TLSv1.0, SSLv3 |
2023.3 |
TLSv1.3, TLSv1.2 |
TLSv1.1, TLSv1.0, SSLv3 |
(1)Not supported after Web Agent 2023.11.
OpenSSL requirements
| Agent version | Operating system | OpenSSL version |
|---|---|---|
2024.3 |
CentOS |
3.2.x, 3.1.x, 3.0.x, 1.1.1 |
Microsoft Windows Server (1) |
3.2.x, 3.1.x, 3.0.x, 1.1.1 |
|
IBM AIX |
3.2.x, 3.1.x, 3.0.x, 1.1.1 |
|
2023.11-2023.3 |
CentOS |
3.0.x, 1.1.1 |
Microsoft Windows Server(1) |
3.0.x, 1.1.1 |
|
IBM AIX |
3.0.x, 1.1.1 |
|
5.10 |
CentOS |
3.0.x, 1.1.1, 1.1.0(2), 1.0.x(2) |
Microsoft Windows Server (1) |
3.0.x, 1.1.1, 1.1.0(2), 1.0.x(2) |
|
IBM AIX |
3.0.x, 1.1.1, 1.1.0(2), 1.0.x(2) |
|
5.9 |
CentOS |
1.1.1, 1.1.0, 1.0.x |
Microsoft Windows Server (1) |
1.1.1, 1.1.0, 1.0.x |
|
IBM AIX |
1.1.1, 1.1.0, 1.0.x |
(1)On Windows, Web Agent uses the Windows built-in Secure Channel API by default.
(2)Not supported after Web Agent 5.10.
Platform requirements
|
Supported operating systems and web servers Web Agent 2024.3
| Operating systems | OS versions | Web servers & minimum supported versions |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the NGINX Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 2023.11
| Operating systems | OS versions | Web servers & minimum supported versions |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the NGINX Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 2023.9
| Operating systems | OS versions | Web servers & minimum supported versions |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the NGINX Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 2023.6
| Operating systems | OS versions | Web servers & minimum supported versions |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the Nginx Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 2023.3
| Operating systems | OS versions | Web servers & minimum supported versions |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)For information about which version of CentOS to use with the listed
NGINX Plus, refer to the NGINX Plus documentation.
(2)Support to be discontinued in a future release.
(3)The Apache HTTP Server Project does not
offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP
Server web agent for Windows was tested against the binaries offered by
Apache Lounge.
Supported operating systems and web servers Web Agent 5.10
| Operating systems | OS versions | Web servers & minimum supported versions |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)Support to be discontinued in a future release.
(2)The Apache HTTP Server Project does not offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP Server web agent for Windows was tested against the binaries offered by Apache Lounge
Supported operating systems and web servers Web Agent 5.9
| Operating Systems | OS Versions | Web Servers & Minimum Supported Versions |
|---|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
(1)Support to be discontinued in a future release.
(2)The Apache HTTP Server Project does not offer binary releases for Microsoft Windows. The ForgeRock Apache HTTP Server web agent for Windows was tested against the binaries offered by Apache Lounge
Linux Systems requirements
-
Web Agent on Linux supports Glibc 2.17 and later versions, and is compatible with Glibc 2.14 and later versions. For Glibc versions before 2.14, contact ForgeRock Support.
-
Web Agent on Linux requires a minimum of 16 MB of shared memory for the session and policy cache, and the various worker processes. Additionally, it needs 32 KB shared memory for the logging system. Failure to provide enough shared memory may result in errors similar to the following:
2017-11-10 12:06:00.492 +0000 DEBUG [1:7521][source/shared.c:1451]am_shm_create2() about to create block-clusters_0, size 1074008064 2017-11-10 12:06:00.492 +0000 ERROR [1:7521]am_shm_create2(): ftruncate failed, error: 28
To configure additional shared memory for the session and policy cache, see Environment variables.
-
If POST data preservation is enabled, the web agent requires additional free disk space in the web agent installation directory to store the POST data cache files.
Microsoft Windows systems requirements
-
Before installing the IIS web agent, make sure that the optional Application Development component of Web Server (IIS) is installed. In the Windows Server 2012 Server Manager for example, Application Development is a component of Web Server (IIS) | Web Server.
-
Web Agent on Windows requires a minimum of 16 MB of shared memory for the session and policy cache, and the various worker processes in the system page file. Additionally, it needs 32 KB shared memory for the logging system. Failure to provide enough shared memory may result in errors similar to the following:
2017-11-10 12:06:00.492 +0000 DEBUG [1:7521][source/shared.c:1451]am_shm_create2() about to create block-clusters_0, size 1074008064 2017-11-10 12:06:00.492 +0000 ERROR [1:7521]am_shm_create2(): ftruncate failed, error: 28
To configure additional shared memory for the session and policy cache, see Environment variables.
-
If POST data preservation is enabled, the web agent requires additional free disk space in the web agent installation directory to store the POST data cache files.