Installing on NGINX
Install a PingAccess agent on an NGINX system.
Before you begin
This procedure makes the following assumptions:
-
The PingAccess NGINX agent zip content is extracted to the
$PINGACCESS_AGENT_NGINX
folder.Amazon Linux 2 systems use the Red Hat Enterprise Linux 7 download bundles. -
The NGINX installation is assumed to live at $NGINX. In the steps in this procedure, modify the paths specified based on where your NGINX installation and configuration files are located.
-
You have downloaded the installation package from the PingAccess Downloads page.
About this task
To install the PingAccess agent for NGINX, perform the following steps:
The agent RPM has required dependencies that might be available through standard repositories. If these dependencies are not available in your Linux version, you can install them using the included |
Steps
-
Install the NGINX module:
yum install pingaccess-agent-nginx-.rpm lib.rpm
-
In the PingAccess console, go to Applications > Agents.
-
Edit a configured agent.
If the agent has not yet been created, see the Agents section of the PingAccess User Interface Reference Guide.
-
In the shared secret, click the Download icon to download the agent properties file.
-
Copy the agent properties file to
$NGINX/paa/agent.properties
. -
If you are installing on NGINX OSS, edit the
agent.properties
file and set theagent.engine.configuration.maxConnections
property value to0
. -
To load the PingAccess agent for NGINX module, add the following directive to the NGINX configuration file,
$NGINX/nginx.conf
.load_module modules/ngx_http_paa_module.so;
-
To configure the PingAccess Agent for NGINX module, add the following directive to the NGINX configuration file,
$NGINX/nginx.conf
, within the http {} block.include $NGINX/paa/http.conf;
In PingAccess Manage Agents, PingAccess Host must match the certificate CN or Subject Alternative Name (SAN).
-
To enable the PingAccess Agent, modify the following property in the file
$NGINX/paa/http.conf
.paa_enabled on;
If
agent.engine.configuration.failover.hosts
inagent.properties
is set, thepaa_upstream
and upstream blocks in the providedhttp.conf
file will need to be updated to a value consistent with a CN or SAN of the certificate associated with the PingAccess Agent HTTPS Listener. Otherwise, you will not be able to establish an HTTPS connection to either the primary or the backup server. -
If you are installing on NGINX OSS, edit the
$NGINX/paa/http.conf
file and comment out the line containing the queue directive.For example:
# queue 65536;
-
Restart the NGINX server:
-
To stop the NGINX server, run the following command.
sudo systemctl stop nginx
-
To start the NGINX server, run the following command.
sudo systemctl start nginx
-