Configuring proxy authentication
You can configure proxy server connections for both the integration server and apps.
You can configure a connection to a proxy server between the integration server and the SOAR Platform, and between an app and the SOAR Platform.
To set authentication, you need to know your proxy server settings, such as DNS name or IP address, port number, and account name (if necessary).
Integration server
You can configure integration server proxy connection with environmental variables. The environmental setting supersedes the proxy settings in the [resilient] section of the app.config files.
- At the system that hosts the integration server, edit the environmental file to add the
following variables.
HTTP_PROXY=<proxy> HTTPS_PROXY=<proxy info> NO_PROXY=<localhost and other ips that don't need proxy>The following command is an example.HTTP_PROXY=http://proxy.corp.com:8080 HTTPS_PROXY=http://proxy.corp.com:8080 NO_PROXY=localhost,127.0.0.1,0.0.0.0,localaddress,corp.com,10.0.0.0/8The HTTP_PROXY and HTTPS_PROXY are redirects. You can have the HTTPS_PROXY redirect HTTPS traffic to an HTTP URL.
If you use the
--no-proxyoption to ignore the proxy server when connecting to your SOAR Platform, specify the fully qualified domain name (FQDN) or the IP address that is specified as the host in the app.config file. Wildcard and IP address ranges are not supported between the integration server and SOAR Platform. - At the SOAR Platform, update the system's cacerts
to trust the CA certificate from the proxy itself by adding the certificate in PEM encoding to
/etc/pki/ca-trust/source/anchorsthen run the following command.sudo update-ca-trust - Restart the system.
Apps
[fn_my_app]
# To override, add any parameter to your specific integration section
http_proxy=<PROXY URL>
https_proxy=<PROXY URL>
timeout=120