Skip to content

Manual configuration and connection of the Windows Edge Gateway

Information

The instructions on this page also apply to duplicate instances of the Windows Edge Gateway.
However, you will need to adapt the various references of IPdivaGateway to IPdivaGateway-2 or to any other suffix that has been configured.

Prerequisites

To perform the following operations, you must have administrator rights on the machine.

Place the certificate that the Windows Edge Gateway will use to connect to the Mediation Controller in the <INSTALLDIR>\IPdiva\IPdivaGateway\conf\ssl\ directory.

Then edit the <INSTALLDIR>\IPdiva\IPdivaGateway\conf\gateway.xml file:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<gateway>
    <server>SERVER:PORT:ssl</server>
    <ticket>
        <hmac></hmac>
    </ticket>
    <pipe>
        <ping-timeout>60000</ping-timeout>
        <push-timeout>20000</push-timeout>
        <pop-timeout>20000</pop-timeout>
        <fifo-sent-len>200000</fifo-sent-len>
        <rout-max-lock>20000</rout-max-lock>
    </pipe>
    <timeout>
        <reconnect>15000</reconnect>
    </timeout>
    <ssl>
        <cert>CERT</cert>
        <password>PASSWORD</password>
        <ca-dir>C:\Program Files (x86)\Systancia\IPdiva\IPdivaGateway\conf</ca-dir>
        <cipherlist>!ADH:!AECDH:!MD5:kEECDH+AES:kEDH+AES:AES256+RSA:3DES+RSA</cipherlist>
    </ssl>
    <proxy>
        <type></type>
        <address></address>
        <login></login>
        <password></password>
        <domain></domain>
    </proxy>
    <webaccess>
        <useragent>true</useragent>
        <autoauth>true</autoauth>
        <forceauth>false</forceauth>
    </webaccess>
</gateway>

Apply the following replacements:

  • SERVER must be replaced by the address of the cyberelements.io SSL Router or by the DNS name or IP address used to access the SSL Router of a cyberelements Cleanroom platform.
  • PORT must be replaced by the SSL Router access port, which is usually 443
  • CERT must be replaced by the absolute path to the certificate file that the Windows Edge Gateway will use
  • PASSWORD must be replaced by the certificate password
Example

Taking into account the information below:

  • Access to SSL Router : my-ssl-router.domain.local:443
  • Emplacement du fichier de certificat : C:\Program Files (x86)\Systancia\IPdiva\IPdivaGateway\conf\ssl\my-edge-gateway-windows.p12
  • Certificate password : MyP@ssw0rd
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
<gateway>
    <server>my-ssl-router.domain.local:443:ssl</server>
    <ticket>
        <hmac></hmac>
    </ticket>
    <pipe>
        <ping-timeout>60000</ping-timeout>
        <push-timeout>20000</push-timeout>
        <pop-timeout>20000</pop-timeout>
        <fifo-sent-len>200000</fifo-sent-len>
        <rout-max-lock>20000</rout-max-lock>
    </pipe>
    <timeout>
        <reconnect>15000</reconnect>
    </timeout>
    <ssl>
        <cert>C:\Program Files (x86)\Systancia\IPdiva\IPdivaGateway\conf\ssl\my-edge-gateway-windows.p12</cert>
        <password>MyP@ssw0rd</password>
        <ca-dir>C:\Program Files (x86)\Systancia\IPdiva\IPdivaGateway\conf</ca-dir>
        <cipherlist>!ADH:!AECDH:!MD5:kEECDH+AES:kEDH+AES:AES256+RSA:3DES+RSA</cipherlist>
    </ssl>
    <proxy>
        <type></type>
        <address></address>
        <login></login>
        <password></password>
        <domain></domain>
    </proxy>
    <webaccess>
        <useragent>true</useragent>
        <autoauth>true</autoauth>
        <forceauth>false</forceauth>
    </webaccess>
</gateway>

In order to apply the new configuration, the Edge Gateway must be restarted.
This can be done by restarting the IPdiva Gateway service:

1
Restart-Service -Name 'IPdiva Gateway'