Configure one or more engine nodes within your cluster to manage client requests.
- Click Settings and then go to Clustering > Engines.
- Click Add Engine to configure a new engine node.
-
In the Name field, enter a name for the engine node.
Special characters and spaces are allowed.
- In the Description field, enter a description of the engine node.
- If applicable, specify an HTTP Proxy for the engine node. Click Create to create an HTTP proxy.
- If applicable, specify an HTTPS Proxy for the engine node. Click Create to create an HTTPS proxy.
- Specify the Engine Trusted Certificate to use for cases where a TLS-terminating network appliance, such as a load balancer, is placed between the engines and the administrative node.
-
Click Save & Download to generate and download a
public and private key pair into the
<enginename>_data.zip file
for the engine.
This file is prepended with the name you give the engine node. Depending on your browser configuration, you might be prompted to save the file.
-
Copy the zip file to the
<PA_HOME> directory of the
corresponding engine node in the cluster and unzip it.
The engine uses these files to authenticate and communicate with the administrative console.
Info:You can generate a new key for an engine node at any time by clicking Save & Download and extracting the <enginename>_data.zip archive on the engine node to replace the files with a new set of configuration files. When that engine node starts up and begins using the new files, PingAccess deletes the old key.
-
On Linux engine nodes, change the permissions on the extracted
pa.jwk to mode 400 by executing the command
chmod 400 conf/pa.jwk
after extracting the .zip file. - Start each engine node.