AnsweredAssumed Answered

SSL Ports

Question asked by Lindsay_Estabrooks Champion on Apr 16, 2019
Latest reply on Apr 18, 2019 by Lindsay_Estabrooks

Having some small challenges with a configuration that has two Domain Orchestrators (behind an F5 load balancer) and one Agent on a Service Desk application server. The issue seems to be around the communication between the Agent and both nodes of the cluster.

To clarify, we are using secure (SSL) communications and have configured PAM to use port 8443 for web (and web service) connections with a properly signed (wildcard) certificate. We can log into PAM from a browser (port 8443)and the connection is secure.

We also understand that the communcation between PAM components is over port 443 (simplified communications) using the self-signed certificates found in c2okeystore.

In our configuration there seems to be a behavior inconsistency between the PAM Agent and the Orchestrators. It would be useful to better understand the correct values for the following parameters found in the domain.xml file (443 vs 8443) on the Orchestrators and Agent:

  • <C2ODomainSecurePort>
  • <C2ODomainURL>https://loadbalancerAddress:port
  • <CommsV2Port>
  • <NodeCommsV2Port>
  • <NodeCommsServerPort>
  • <SecurePort>

Any insights you can provide will be much appreciated.

Outcomes