Administration Center - Settings - Proxy

When you Complete start-up wizard - v. 1.x/Complete start-up wizard - v. 2.x you have the choice to configure a proxy server (such as Squid) if your organization requires internal systems to use one for all connections. These proxy settings are also available here in the Administration Center:

Extension Downloader limitation (for Console ≤ 1.24)

The Extension Downloader (a tool present on each Node which is used by Console in ≤ 1.24 to download extensions) cannot be configured to obey a manual proxy configuration defined in Console. Instead, if your organization uses a proxy, CAST recommends that:

you define the required proxy configuration at system level (i.e. operating system level) on all Nodes
define a manual proxy configuration using the settings described below - this ensures that everything else will connect through the proxy

Extension Downloader was replaced with ExtendCli in Console ≥ 1.25, therefore this limitation is no longer applicable for newer releases of Console.

Windows Services

Console and the Nodes packages are configured to run through Windows Services, therefore it is important to ensure that the user login configured to run the Windows Services has permission to access any proxy that you define. If the user running the Windows Services cannot access the proxy, then Console/Nodes will not be able to access the required resources. See the sections regarding the configuration of the Windows Services in:

No Proxy

Default setting. No proxy required.

Use system proxy settings

This option will force Console and all Nodes to use the host machine's system proxy settings for all communication (i.e the proxy settings defined on each host server).

Manual proxy configuration

This option allows you to configure your own proxy settings specifically for Console and all Node communication (for example if you do not want to use the system proxy settings set on the host or you are using a custom proxy script). These are applied to Console and all Nodes:

Host	Enter the IP address/URL of the proxy server you need to use.
Port	Enter the port number of the proxy server you need to pass through.
Username/password	If your proxy requires authentication, you can enter the required credentials in these fields.
Excluded Address	These options enable you to exclude certain destination addresses from using the manually configured proxy settings: The value of this property is a list of hosts, separated by the semicolon ';' character. In addition, the wildcard character '' can be used for pattern matching. For example ”.foo.com;localhost” will indicate that every host in the foo.com domain and the localhost should be accessed directly even if a proxy server is specified. CAST highly recommends excluding the following URLs when you are using the Manual Proxy option: CAST Dashboard URL defined in Administration Center - Settings - Dashboard Integration CAST Imaging URL defined in Administration Center - Settings - Imaging Settings If the Node/server accessing the CAST Extend Service is configured to pass all outgoing connections through a proxy (via the Windows proxy settings or via the Console settings), then you may need to also whitelist the IP address/host name of the server running CAST Extend Service in order to route connections correctly

When the proxy option is changed, Console will attempt to connect to CAST Extend (or CAST Extend local server) - if it cannot connect, then an error will occur and it will not be possible to change the option:

Note about HTTPS connections

If your proxy system intercepts HTTPS connections, you may need to ensure that the HTTPS certificate for your proxy system is imported into the trusted "cacerts" Java keystore on each Node machine. This can be actioned with the Java Keytool (supplied with your Java installation on the node), for example using the following command:

keytool -importcert -trustcacerts -file [path_to_cert_file] -alias [alias] -keystore %JAVA_HOME%\lib\security\cacerts