Skip to main content

Installing a proxy server using idmsetup.inf

When you install Bravura Security Fabric on the main server, an idmsetup.inf file is created in the psconfig directory. You can use this file to aid the installation of proxy servers. It contains the encrypted communication key (or Master Key), the Connector encryption key, and other correct default values for prompts during installation.

It is highly recommended that you:

  • Copy the idmsetup.inf file to each proxy server and place it in the same directory from which you will run the installer (proxy.msi).

  • Ensure the architecture of the proxy server matches the architecture of the primary server. For example, if the primary instance is installed on a 32 bit operating system, then idmsetup.inf should be used on a 32 bit operating system.

    Your proxy server configuration must match that of your Bravura Security Fabric server.

Websocket Connector Proxy (Proxy Tunnel feature) prerequisite

To configure Proxy Tunnel clients (Websocket Connector Proxy) or persistent listing on proxy server, a port and password must be generated for use during the installation.

To generate these values:

  1. Log in to the main Bravura Security Fabric server as a superuser.

  2. Click Manage the system > Resources > Proxy tunnel clients.

  3. Click Add new.

  4. Assign the name to tunnel client and port number that the proxy server will listen to.

  5. If configuring persistent listing on proxy server, assign the port number the Persistent Connector Service listens on.

    Ensure you choose a port that is not already in use as all nodes need to be able to listen on it. The port only needs to be available locally and does not need to be allowed through the firewall.

  6. Click Add new.

  7. Click Generate password to generate a password that will be used when installing the Proxy Tunnel on a proxy server.

    Once the password is generated, copy it and save it in a safe location. The password is not recoverable if the page times out or you navigate away from the page. If that happens, a new password must be generated.

    The password binds you to the chosen port, so a new password is required when installing another client.

Installation steps

To install a proxy server using the idmsetup.inf configuration file:

  1. If configuring the Websocket Connector Proxy (Proxy Tunnel feature) complete prerequisite tasks.

    These steps are necessary to configure the port being used and generate a password for the installation.

  2. Log in to the host Windows server as member of the Administrators group.

  3. If required, download and unzip the Bravura Security Fabric distribution folder.

    Contact your Bravura Security account representative for details.

  4. Copy idmsetup.inf from the psconfig directory on the primary server to the proxy server and place it in the root of the distribution folder.

  5. Launch the setup program located at the root of the distribution folder.

  6. If you already have a Bravura Security Fabric instance installed on the Windows server, setup displays the Select an instance to configure page. Click Install New to proceed.

    The setup program asks you to choose a product to install.

  7. Select Bravura Security Fabric Proxy Server.

    Click Next .

  8. Verify that instance name is already filled in and optionally enter a description.

    Click Next .

  9. Click Next .

    The setup program performs a pre-installation check and verifies all installation requirements.

  10. If all of the checks are successful, click Next to proceed with the installation.

    If any of the pre-install checks produce warnings or errors, click Report for details. See Troubleshooting for additional troubleshooting information.

    The setup program launches proxy.msi.

  11. Click Next .

  12. Read and accept the license agreement.

    Click Next .

  13. Choose the setup type:

    • Typical to accept recommended default settings.

      If the default port 3344 is in use, setup increments to the next available port. Ensure the port is open.

    • Custom to select:

      • Components to install – By default, Proxy Server is selected. Proxy Tunnel and Persistent connector service are optional.

        Install Persistent connector service to configure persistent listings to run on proxy server.

        Install the Proxy Tunnel feature (Websocket Connector Proxy) to avoid having to open inbound TCP ports. The Proxy Tunnel service tunnels communication between the proxy server and the instance server using outbound HTTPS.

        43403.png

      • Installation, log file, and lock file paths – must be the same relative paths as configured for the main Bravura Security Fabric server

      • Proxy port – default is 3344

      • Persistent Connector Service port – default is 4567

  14. Verify that the psadmin passwords are already filled in (masked with stars).

    Click Next .

  15. Verify that the communication key (or Master Key) and Connector encryption key are the same as those entered for the main Bravura Security Fabric server.

    Click Next .

  16. If you installed Proxy Tunnel, verify that Bravura Security Fabric Proxy Server tunnel connection URL and tunnel client password are filled.

    • Use your load balancer URL for theBravura Security Fabric Proxy Server (<instance>) tunnel connection URL field.

      The proxy tunnel client will use that URL to retrieve the list of nodes to directly connect to. This is obtained through the node's external address, which must be reachable.

    image idm10201

  17. If you installed Bravura Privilege, verify that the Data Key is the same as the one entered for the main Bravura Security Fabric server.

    Click Next .

    The installer displays the Confirm Installation page.

  18. Click Next to start the installation.

    The installer begins copying files to your computer. The Installation Complete page appears after the Proxy Service (psproxy) has been successfully installed.

  19. Click Finish to exit.

Next:

Install Connector Pack and client software for the systems that Bravura Security Fabric will interact with.

In this section: