Configuring the PCoIP License Server¶
The PCoIP License Server requires minimal configuration. This section describes the configuration settings and options available.
Use HTTPS/TLS whenever possible
Teradici strongly recommends that you change the default protocol from http to https, as described in Enabling TLS.
Important: Configure PCoIP Agents and Connection Managers
The PCoIP License Server URL must be provided to the Connection Manager managing your PCoIP agents, or to each of your PCoIP Agents if you are not using a Connection Manager. The License Server URL format is:
https://<license-server-address>:<port>/request
If you have not configured your PCoIP License Server to use HTTPS/TLS, use http:// instead of https://.
Setting the License Server's Administrator Password¶
The License Server administrator's password is set using the pcoip-set-password
command. You must have superuser (sudo) permissions to use pcoip-set-password
.
Info: Password Rules
Passwords should be surrounded with single quotation marks like 'password', and must conform to the following rules:
- Must be between 8 and 30 characters long
- Must contain at least one lowercase letter
- Must contain at least one uppercase letter
- Must contain at least one digit
- Must contain at least one symbol, excluding ' (single quote), " (double quote), \ (backslash), and spaces.
To set the PCoIP License Server Password:
-
Invoke
pcoip-set-password
to set your new password.Note: Default password
The default password in new installations is
1P@ssw0rd!
, where the leading1
is a numeral one and0
is a zero. When setting the password on a clean installation, use this as your curent password.-
If you do not supply any flags, you will be prompted for your current and new passwords:
sudo pcoip-set-password
-
You can also supply the current and new password inline, by using
-p
and-n
flags:sudo pcoip-set-password -p <current password> -n <new password>
-
Configuring the License Server's Listening Port¶
The PCoIP License Server listens for communication from PCoIP agents in your deployment on a defined listening port. By default, this listening port is set to 7070, but can be changed by specifying the PORT setting in the /opt/flexnetls/TERADICI/local-configuration.yaml configuration file.
Enable HTTPS/TLS
Teradici strongly recommends enabling HTTPS/TLS for secure communications with the PCoIP License Server. For instructions, see Enabling TLS.
PCoIP agents and License Server must use the same port
PCoIP agents are configured to use port 7070 by default. If you change the license server port, you must also change the configuration of all PCoIP agents that use it.
To change the license server listening port:
-
Open /opt/flexnetls/TERADICI/local-configuration.yaml in a text editor.
-
Locate the port assignment line:
... \# HTTP listening port. Default is 7070\. You can bind to an interface with this syntax: '[127.0.0.1].7070'. port: 7070 ...
-
Change the value of
port
to the new value. The port number must be an integer between 1 and 65535.Reserved port numbers
Port numbers below 1024 are reserved for processes running as root unless you are using port forwarding, or tools like setcap, setuid, or authbind.
-
Save the file and exit the editor.
-
Restart the license server for the new value to take effect:
sudo systemctl restart flexnetls-TERADICI
-
Update the configuration of any PCoIP agents that communicate with this PCoIP License Server. For instructions, see one of the following guides:
Configuring Proxy Settings¶
The license server can access the Internet via a proxy to activate, return, and update its licenses. The proxy server is specified by its address and port number.
Proxy settings are configured using the pcoip-configure-proxy
command. Only a user with superuser privileges may invoke this command.
Configure and Use a Proxy¶
Use pcoip-configure-proxy
with -s
and the following information:
- The address and port number of the proxy server, formatted as
<address>:<port>
- If the proxy server requires authentication, provide the username and password with the
-u
and-p
options.
For example, to configure the license server to proxy internet traffic via a proxy server at proxy.domain.local on port 1234:
sudo pcoip-configure-proxy -s proxy.domain.local:1234
This example configures the license server to proxy internet traffic via a proxy server at 192.168.0.12 on port 10443, and provides credentials using -u
and -p
.
sudo pcoip-configure-proxy -s 192.168.0.12:10443 -u username -p password
View Proxy Settings¶
Use pcoip-configure-proxy
with -v
. For example:
sudo pcoip-configure-proxy -v
Clear Proxy Settings¶
To clear proxy settings, which will stop the PCoIP License Server from using a proxy, use pcoip-configure-proxy
with -c
. For example:
sudo pcoip-configure-proxy -c