config.txt Directives

  • LoginPortSSL

LoginPortSSL

Why Is This Important?

LoginPortSSL allows you to specify a particular secure port for EZproxy to use to identify itself and additional ports that it should use to listen for requests. This can be helpful in configuring EZproxy to Proxy by Hostname and setting up EZproxy to work with your firewall address translation.

LoginPortSSL is a position-dependent config.txt directive that specifies the port(s) on which EZproxy should listen for incoming login, menu, and administration requests using https.

The first LoginPortSSL directive establishes the port that EZproxy will use when generating URLs that point to itself using https. Subsequent LoginPortSSL directives establish additional ports on which EZproxy should listen for https requests.

Note: SSL configuration must be performed before LoginPortSSL directives can be employed in config.txt.

The basic configuration for LoginPortSSL is:

LoginPortSSL 443

Where you can specify any secure point and substitute it for 443.

By default, EZproxy listens on all IP interfaces. If the Interface directive is employed before LoginPortSSL, then EZproxy will only attempt to listen on the specified interface and port.

On Linux and Solaris, if the port is below 1024 and -Virtual is not specified, the EZproxy must be started by the root user. In this instance, the RunAs directive can be used to direct EZproxy to change to a different user account once listening has been established on the specified port(s).

Qualifiers

Qualifier Description
port The port on which EZproxy should listen for incoming https requests

Options

Option Description
-Virtual Do not actually listen on this port. When used, an additional LoginPortSSL directive must follow to establish an actual port on which EZproxy should listen for requests.
-Cert=index The number of a specific SSL certificate that should be used when listening for requests on this port. The default is to listen using the certificate that has been declared as the active certificate.
 

To configure EZproxy to listen on the standard https web server port 443, enter the following statement in your config.txt:

LoginPortSSL 443

You can configure EZproxy to listen on the standard http web server port 80 and the standard https web server port 443 by entering the following two lines in your config.txt:

LoginPort 80
LoginPortSSL 443

Using Secure and Unsecure Virtual Ports

You can use a combination of LoginPort and LoginPort SSL to direct EZproxy to act as though it is listening on ports 80 and 443, but actually listen on ports 8080 and 8443. This configuration only works if a firewall is performing network address translation of external port 80 to internal port 8080 and external port 443 to internal port 8443.

LoginPort -Virtual 80
LoginPort 8080
LoginPortSSL -Virtual 443
LoginPortSSL 8443
 

The following directives interact with or control functions related to this directive:

Interface
LoginPort
Option ForceHTTPSLogin
RunAs

Related Concepts

SSL configuration
 

This page last revised: March 2, 2015