Connecting the Proxy Server to Dr.Web Server

Starting from version 11, Dr.Web Proxy Server can be connected to Dr.Web Server to configure settings remotely and to support the traffic encryption.

Connection Settings

Connection of the Proxy server to Dr.Web Server requires the following:

The Server certificate drwcsd-certificate.pem.

The Proxy server must have all certificates of all Servers to which the Proxy server connects and to which the client traffic is forwarded.

The Server certificate is required to connect to the Server for remote settings configuration and to support the traffic encryption between the Server and the Proxy server.

The Proxy server certificate is signed by the Server certificate and private key (the procedure is performed automatically on the Server after connection, and no administrator interception is required) and is required to connect Agents and to support the traffic encryption between the Agents and the Proxy server.

All the Server certificates are stored on the Proxy server in the drwcsd-proxy-trusted.list configuration file in the following format (the certificates records are separated by one or more empty lines):

[<certificate_1>]

 

[<certificate_2>]

 

[<certificate_3>]

...

The Server address.

The Proxy server connects to all Dr.Web Servers that are specified in its configuration file for the client traffic forwarding. But accepting settings are allowed only from a specific set of connected Servers that are marked as managing. If several Servers are marked as managing, then Proxy server connects to all the Servers by rotation until it gets the first valid (not empty) configuration.

Identifier and password to access the Server.

Credentials are available after creation of the Proxy server account via the Control Center (see Creating of the Proxy Server Account).

warning

Proxy server identifier and password are used  in a single copy. You must create the Proxy server accounts with the same credentials on all Servers to which the Proxy server connects.

Credentials are stored on the Proxy server in the drwcsd-proxy.auth configuration file in the following format:

[<Proxy_server_ID>]

[<Proxy_server_password>]

Connecting the Proxy Server to Dr.Web Server

warning

To be able to connect Dr.Web Proxy server, you must enable corresponding protocol at Dr.Web Server. To do this, in the Control Center in the Administration → Dr.Web Server configuration → Modules section, set the Dr.Web Proxy server protocol flag, save the settings and restart the Server.

Automatically within installation under Windows OS

If the Proxy server is installing within the Agent installation or on the station with the Agent installed, when connection to the Server is established automatically.

If the Proxy server is installed via the graphical installer under Windows OS, when connection to the Server is established automatically using the credentials specified by administrator in the installer settings.

After the Proxy server installation, the files for the connection to the Server are located by default in the following folder: %ALLUSERSPROFILE%/Doctor Web/drwcs/etc.

Manually for the installation under UNIX system-based OS

1.Install the Proxy server for UNIX system-based OS according to the procedure described in the Installing Proxy Server via the Installer section.

2.Create the Proxy server account using the Control Center as described in the Creating of the Proxy Server Account section.

3.Copy the Server certificate on the computer with the Proxy server installed.

4.In the drwcsd-proxy-trusted.list configuration file, specify the certificate copied on the computer at step 3: copy the contents of the certificate file and paste it into the configuration file according to the format above.

5.In the drwcsd-proxy.auth configuration file, specify the Server connection settings for the account created at step 2 according to the format above.

The drwcsd-proxy-trusted.list and drwcsd-proxy.auth files must be located in the following directories:

for Linux OS: /var/opt/drwcs/etc

for FreeBSD OS: /var/drwcs/etc

For the files, set the following permissions:

drwcsd-proxy-trusted.list 0644 drwcs:drwcs

drwcsd-proxy.auth 0600 drwcs:drwcs