LoginPortSSL
LoginPortSSL allows you to specify a particular secure port for EZproxy to use to identify itself and additional ports that it should use to listen for requests. This can be helpful in configuring EZproxy to Proxy by Hostname and setting up EZproxy to work with your firewall address translation.
LoginPortSSL is a position-dependent config.txt directive that specifies the port(s) on which EZproxy should listen for incoming login, menu, and administration requests using https.
The first LoginPortSSL directive establishes the port that EZproxy will use when generating URLs that point to itself using https. Subsequent LoginPortSSL directives establish additional ports on which EZproxy should listen for https requests.
SSL configuration must be performed before LoginPortSSL directives can be employed in config.txt.
Note:By default, EZproxy listens on all IP interfaces. If the interface directive is employed before LoginPortSSL, then EZproxy will only attempt to listen on the specified interface and port.
On Linux, if the port is below 1024 and -Virtual is not specified, the EZproxy must be started by the root user. In this instance, the RunAs directive can be used to direct EZproxy to change to a different user account once listening has been established on the specified port(s).
Qualifiers
Qualifier | Directive |
---|---|
port | The port on which EZproxy should listen for incoming https requests. |
Options
Qualifier | Directive |
---|---|
-Virtual |
Do not actually listen on this port. When used, an additional LoginPortSSL directive must follow to establish an actual port on which EZproxy should listen for requests. |
-Cert=index |
The number of specific SSL certificate that should be used when listening for requests on this port. The default is to listen using the certificate that has been declared as the active certificate. |
Syntax
LoginPortSSL 443
Example
To configure EZproxy to listen on the standard https web server port 443, enter the following statement in your config.txt:
LoginPortSSL 443
You can configure EZproxy to listen on the standard http web server port 80 and the standard https web server port 443 by entering the following two lines in your config.txt:
LoginPort 80 LoginPortSSL 443
Using secure and unsecure virtual ports
You can use a combination of LoginPort and LoginPortSSL to direct EZproxy to act as though it is listening on ports 80 and 443, but actually listen on ports 8080 and 8443. This configuration only works if a firewall is performing network address translation of external port 80 to internal port 8080 and external port 443 to internal port 8443.
LoginPort -Virtual 80 LoginPort 8080 LoginPortSSL -Virtual 443 LoginPortSSL 8443