Skip to content

Configuring the PCoIP Connection Manager

Configuration settings for the PCoIP Connection manager are stored in /etc/ConnectionManager.conf as key/value pairs separated by an equals sign. One setting is described per line.

To configure a setting, open /etc/ConnectionManager.conf with a text editor and add or change the appropriate lines. For example, to set a PCoIP License Server address, you would add this line:

    LicenseServerAddress = <license-server-address>:<port>/request

Restart the PCoIP Connection Manager to apply your changes.

Configuration file formats and values are not validated

Configuration file formats and values are not validated. Incorrect configurations can result in components that do not work properly. Ensure you make backups before making changes.

Configuration Settings

Parameter Default Description
LogLevel INFO The minimum severity level of the messages written to the log. Acceptable values in increasing order of severity are: TRACE, DEBUG, INFO, WARN, and ERROR. Only messages that are at or above the configured LogLevel severity are logged. For information on log files, see PCoIP Connection Manager and Security Gateway Log Files.
BrokerType Type of broker of the PCoIP Connection Manager is using:
BrokerType = PCoIP
This is the only available option.
PcoipAddress IP Address or FQDN of the PCoIP broker that the PCoIP Connection Manager uses to authenticate users and obtain resource information; for example:
 PcoipAddress = 123.45.67.89:60443
SecurityGatewayEnabled false If set to true, the PCoIP Connection Manager uses the PCoIP Security Gateway to establish sessions and directs clients to connect to their sessions via the PCoIP Security Gateway. The PCoIP Security Gateway must be enabled and configured. If set to false, the PCoIP Connection Manager directs clients to connect directly to the agent hosting the selected resource.
LicenseServerAddress A single PCoIP License Server address and port number. Use the format http://<license-server-address>:<port>/request. Cannot be more than 1024 ASCII characters. Do not use <, >, or &.
To use Teradici Cloud Licensing, leave this unset.
ContentLengthEnabled false If set to true, the PCoIP Connection Manager always sets the Content-Length: XX in the HTTP response header. If set to false the PCoIP Connection Manager sends HTTP responses using chunked encoding.
BrokerMaxRespWaitSeconds 20 The time in seconds to wait for a response from the broker (other than for authenticate or allocate resource responses) before timing out.
BrokerMaxAllocateWaitSeconds 60 The time in seconds to wait for a response from the broker to an allocate resource request before timing out.
BrokerMaxAuthenticationWaitSeconds 30 The time in seconds to wait for a response from the broker to an authenticate request before timing out.
AgentMaxRespWaitSeconds 160 The time in seconds to wait for a response from the PCoIP agent before timing out.
AgentCertCheck false If set to true, the PCoIP Connection Manager validates the certificate presented by agents during resource allocation.
AgentCertMinKeyLength 1024 When AgentCertCheck is true, specifies the required minimum public key length of the certificate presented by the agent. Ignored when AgentCertCheck is false. The minimum allowable length is 1024.
BrokerCertCheck false If set to true, the PCoIP Connection Manager validates the certificate presented by the broker during authentication and resource retrieval.
BrokerCertMinKeyLength 1024 When BrokerCertCheck is true, specifies the required minimum public key length of the certificate presented by the broker. Ignored when BrokerCertCheck is false. The minimum allowable length is 1024.
ClientSSLCipherBlackList Lists the TLS cipher suites to be removed from the default list of cipher suites used for establishing a TLS connection to the PCoIP client. The cipher suites are specified by their RFC names and are separated by a colon. See PCoIP Connection Manager Supported TLS Cipher Suites. For example, specifying the 'TLS_RSA_WITH_AES_256_CBC_SHA: TLS_RSA_WITH_AES_128_CBC_SHA' string as the black list removes the specified two cipher suites.
ServerSSLCipherBlackList Lists the TLS cipher suites to be removed from the default list of cipher suites used for establishing a TLS connection to the connection broker and the PCoIP agent. The cipher suites are specified by their RFC names and are separated by a colon. See PCoIP Connection Manager Supported TLS Cipher Suites. For example, specifying the 'TLS_RSA_WITH_AES_256_CBC_SHA: TLS_RSA_WITH_AES_128_CBC_SHA' string as the black list removes the specified two cipher suites.
ControlChannelTLSEnabled true If set to true, the PCoIP Connection Manager uses TLS to establish a secure connection with the PCoIP Security Gateway to send control commands. Otherwise, the PCoIP Connection Manager sends control commands in plain text. If set to true, the PCoIP Security Gateway must also be configured to use TLS. For more information, see TCPControlLinuxExtCert.