Notes on using the Clearswift SECURE ICAP Gateway installation wizard
The network settings displayed by the wizard reflect the settings you
created when configuring Red Hat Enterprise Linux. These settings are
displayed as read-only.
We recommend configuring the wizard immediately after the install and
before
configuring any additional network adapters. However, if you need
to reboot the machine before configuring the installation wizard, you
should disable your firewall as root user when your reboot is complete.
To disable your firewall, run the
service iptables stop
command. After you
complete the wizard, the firewall starts again automatically.
The system might take around 5-10 minutes to apply the settings before you can
use the Clearswift SECURE ICAP Gateway. We recommend visiting the
First Steps
topic in the online help when the Gateway interface is accessible.
Peering between v3 and v4 Clearswift Gateways
Due to security hardening on v4 Clearswift Gateways, we no longer
provide support for the TLS v1.0 protocol for peering. Only TLS v1.2 is
supported.
If you wish to peer v3 Gateways (for example, using PMM or Web
Gateway Reporter) with your v4 Gateway, you must
re-enable TLS
v1.0
on the 4.5.0 Gateway and
update the ciphers
.
These instructions should be applied
after
installing the 4.5.0 Gateway,
and after configuring the Gateway using the
Clearswift Installation
Wizard
.
3.3.1 How to re-enable TLS v1.0 on the 4.5.0 Gateway and update ciphers:
1. Search for the
sslEnabledProtocols
attribute in the following files:
/opt/tomcat/conf/
server-bind.xml
server-bind2.xml
2. Change the value of each protocol from 'TLSv1.2' to 'TLSv1,TLSv1.2'.
- 12 -