Cryptographic Security Platform 1.0.0 - Installation and administration guide [PDF][Releases]

Configures the connection with the proxy server.

clusterctl proxy set --host <host> [--port <port>] [--protocol <protocol>] [--certificate <cert>] [--user <user>] [--password <pwd>] [-no-proxy <no-proxy>]

See below for a description of each parameter.

For example:

$ sudo clusterctl proxy set --host myproxy --user bob --password demo

The proxy configuration has been set

Changes will be effective when deploying (or redeploying) the solution with Management Console or the clusterctl solution deploy command.

--host <host>

Select the <host> proxy, where <host> is an address in one of the following formats.

Address format	Limitations
IP address	None
Hostname	The --protocol <protocol> option only supports the `https` value

Mandatory: Yes.

--port <port>

Select <port> as the proxy port number.

Mandatory: No. When omitted, this parameter defaults to 443.

--no-proxy <no-proxy>

Skip the proxy when connecting to the <no-proxy> sites, where <no-proxy> is a comma-separated list (without spaces) of domains or IP addresses. For example:

example.com,192.168.1.1,sub.domain.com

The <no-proxy> list cannot include IP addresses in CIDR (Classless Inter-Domain Routing) format like 192.168.1.0/24.

Mandatory: No.

--user <user>, --password <pwd>

Authenticate in the proxy with the <user> username and the <pwd> password.

Mandatory: No. See the following table for the actions performed when setting or omitting this parameter.

--user	--password	Action
<user>	<pwd>	Set `<user>` and `<pwd>` as proxy basic authentication credentials
<user>		Prompt for the password of the `<user>` user
	<pwd>	Throw an error
		Assume that the proxy requires no authentication

--protocol <protocol>

The protocol for accessing the proxy. See the table below for the supported values.

Value	Limitations
http	The --host <host> option only supports IP addresses
https	None

Mandatory: No. This optional value defaults to https.

--certificate <cert>

Authenticate in the proxy with the <cert> certificate, where <cert> is the path of a plaintext file in PEM format.

The certificate should include a SAN matching the host.

Mandatory: No. See the following table for the actions performed when setting or omitting this parameter.

--protocol	--certificate	Action
http	<cert>	Throw an error
http		Set an HTTP connection
https	<cert>	Set an HTTPS connection with the `<cert>` certificate
https		Set an HTTPS connection with the default certificate of the operating system