Configuring engine nodes using an auto-registration file - PingAccess - 8.0

PingAccess

bundle
pingaccess-80
ft:publication_title
PingAccess
Product_Version_ce
PingAccess 8.0 (Latest)
category
Product
pa-80
pingaccess
ContentType_ce

Download a JSON Web Token (JWT)JSON Web Token (JWT)JWT An IETF standard container format for a JSON object used for the secure exchange of content, such as identity or entitlement information. To read the industry standard, see RFC 7519 to enable a new engine node to automatically register itself at startup in PingAccess.

Make sure that you've configured an administrative node and a replica administrative node.

Note:

For a comprehensive overview of the steps necessary to set up a clustered environment, see Configuring a PingAccess cluster in the Clustering in PingAccess reference guide.

  1. Click Settings and then go to Clustering > Engine Registration.
  2. If applicable, specify an HTTP Proxy for the engine.

    For more information about creating proxies, see Adding proxies.

    1. To create an HTTP proxy, click +Create.
  3. If applicable, specify an HTTPS Proxy for the engine.

    For more information about creating proxies, see Adding proxies.

    1. To create an HTTPS proxy, click +Create.
  4. Specify an Engine Trusted Certificate if a TLS-terminating network appliance, such as a load balancer, is placed between the engines and administrative node.
    Note:

    Select the certificate that the network appliance uses. The certificate helps establish a secure HTTP connection with the administrative node.

  5. In the Token Duration field, enter the number of seconds for which the generated JWT is valid.
  6. Click Download.
  7. Add the JWT file to the engine node:
    • If the engine node is not a container, copy the JWT file to the <PA_Home>/conf directory.
    • If the engine node is a container, inject the JWT as an environment variable named REGISTRATION_TOKEN.
  8. Optional: Modify the name of the engine node:
    • If the engine node is not a container, open the <PA_Home>/conf/engine-registration.properties file and update the <engine.admin.api.engineName> value.
    • If the engine node is a container, inject the engine node name as an environment variable named ENGINE_NAME.
  9. Start the engine node.

If you specified any proxies, enable the Use Proxy option for any sites, token providers, and third-party services that require the use of a proxy. For more information, see Adding sites and the Token provider section.