Add an additional proxy

After the first Edge Encryption proxy is properly configured and tested, you can set up additional proxies on a Linux or Windows machine. Installing multiple proxies on the same machine is not recommended.

About this task

Add additional proxy servers on additional machines to ensure an optimal environment. See Sizing your Edge Encryption environment to determine the number of additional proxies needed.

Note: Make sure that all proxies have the same encryption keys and the same RSA key pair used to digitally sign encryption configuration and encryption rules. If a proxy database was set up as part of the installation, all proxies must use the same proxy database.

Procedure

  1. Install the proxy using the command for Linux. See Install the Edge Encryption proxy server on Linux or Windows.
  2. Copy all the encryption keys and the edgeencryption.properties file from the first proxy to the new proxy.
    Encryption keys may be located in the proxy keystore, in the /keys directory, or in a SafeNet KeySecure keystore.
  3. Open the edgeencryption.properties file on the new proxy.
  4. Change the following properties:
    Property Description
    edgeencryption.proxy.name Unique name of the proxy server
    edgeencryption.proxy.host The server name, IP address, or fully-qualified domain name of the computer running the proxy. Do not change this property if installing the proxy server on the same machine the properties file was copied from.
    edgeencryption.proxy.http.port Port on the proxy for HTTP communication. Must be unique across all processes on the machine.
    edgeencryption.proxy.https.port Port on the proxy for HTTPS communication. Must be unique across processes on the machine.
  5. If installing the proxy server on a Windows machine, you must change the name of the service. Open the conf/wrapper.conf file on the new proxy and add the following properties.
    Caution: You must perform this step before launching the proxy server.
    Property Description
    wrapper.ntservice.name Unique name of the Edge Encryption proxy service.
    wrapper.ntservice.displayname Edge Encryption proxy service display name.
    wrapper.ntservice.description (Optional) Proxy server description.
  6. Save and close the file.
  7. Launch the proxy using the appropriate command. See Start the Edge Encryption proxy.