Previous Topic: Set up the Federation Systems to Work with a Load BalancerNext Topic: Federation System Administration

CA SiteMinder® Federation Standalone GuideLoad Balancing Support for Federation SystemHow to Configure Load BalancingConfigure Redirections to an SSL Load Balancer (optional)

Configure Redirections to an SSL Load Balancer (optional)

If the load balancer uses SSL, we recommend that you configure the system to redirect traffic over an SSL connection. To redirect traffic, modify the following two files on each federation system:

Note: Modify these files on all federation systems that are redirecting traffic.

Follow these steps:

  1. Navigate to federation_install_dir/secure-proxy/proxy-engine/conf/defaultagent.
  2. Open the WebAgent.conf file in an editor. Uncomment the line that begins localconfigfile then save the file.
  3. Open the LocalConfig.conf file in an editor.
  4. Add the following settings to the LocalConfig.conf file then save the file: 
    HttpsPorts="443"

    Specify the port on which the load balancer is listening.

    GetPortFromHeaders="YES"
  5. Navigate to federation_install_dir/secure-proxy/httpd/conf.
  6. Open the httpd.conf file in an editor.
  7. Locate the SeverName setting and specify the load balancer hostname:port. Do not enter the federation system server host name.

    Example:

    ServerName lb5.example.com:443
  8. After the ServerName setting, add the UseCanonicalName setting and set it to On. Example: 
    UseCanonicalName on

Federation system now redirects traffic over an SSL connection.