Configuring a reverse caching proxy
Configure a reverse proxy that directs all traffic to your HCL Connections deployment to a single server.
Before you begin
Ensure that you have installed IBM® WebSphere® Edge Components which is supplied with WebSphere® Application Server Network Deployment. For more information, go to the WebSphere® Edge Components on the IBM Documentation site.
You must also have completed the basic configuration of WebSphere® Edge Components, set up a target backend server, and created an administrator account.
About this task
The IBM® WebSphere® Application Server Edge components provide a caching proxy that you can use to optimize your deployment. Edge components are provided with the WebSphere® Application Server Network Deployment software.
A reverse proxy configuration intercepts browser requests, forwards them to the appropriate content host, caches the returned data, and delivers that data to the browser. The proxy delivers requests for the same content directly from the cache, which is much quicker than retrieving it again from the content host. Information can be cached depending on when it will expire, how large the cache should be, and when the information should be updated.
This topic describes how to configure the Edge components to optimize the performance of HCL Connections.
Procedure
- Open the ibmproxy.conf configuration
file for the Edge components in a text editor. The file is stored
in the following directory:
- AIX® or Linux™: /etc/
- Microsoft™ Windows™: C:\Program Files\IBM\edge\cp\etc\en_US\
- Make the following edits to the file:
- Save and close the ibmproxy.conf file.
- Update the dynamicHosts attribute in the LotusConnections-config.xml file
to reflect the URL of the proxy server:
<dynamicHosts enabled="true">
<host href="http://proxy.example.com"
ssl_href="https://proxy.example.com"/>
</dynamicHosts>
Notes:- The dynamic hosts settings does not affect interservice URLs. Therefore, even when the proxy server is enabled, HCL Connections still routes internal communication between the applications through their own interservice URLs. You can force this internal traffic to be routed over the proxy server by updating the interservice URLs to use the proxy server.
- Add the
isExternal
attribute to the Sametime configuration in LotusConnections-config.xml if you configured Sametime awareness through the Sametime server as described in Adding Sametime awareness through the Sametime server. Each href attribute in the LotusConnections-config.xml file is case-sensitive and must specify a fully-qualified domain name.
- Optional: If you are using Connections Content Manager, you must reconfigure FileNet Collaboration Services to be aware of your reverse proxy. Set fncsServerURL, fncsServerURLSecure and icURI properties as described in Configuring FileNet Collaboration Services for the Connections Content Manager.
- Using iKeyman, extract certificates from HCL Connections and add them to the proxy server
key database:Note: Be sure to use iKeyman that comes with the HTTP server, since it does not come with the proxy.
- Open the HCL Connections kdb file and extract the certificates.
- Open the kdb file on the proxy server and add the certificates that you extracted from HCL Connections.
For more information about iKeyman, go to the topic in the IBM® HTTP Server information center. - Restart the Edge server.