The Portal needs to know which client profiles are to be used by Portal users, as unlike the full client, these cannot be preconfigured.
Complete the following fields to configure the user access settings:
Client Profiles. Add one or more client profiles for the users to choose when they sign in.
Client Profiles from External Collectives. Adding External client profiles allows the Portal to be used in front of several different Collectives.
Client Profiles from External Collectives' URL. Paste one or more client profiles from the Client Connections page of the external Collective.
Listening Ports. By default, HTTPS (port 443) is open for incoming traffic. You can add additional ports which will also be proxied.
HTTP Redirect. By default, HTTP (port 80) will be redirected to port 443. By disabling HTTP Redirect the Portal will not respond on port 80.
The Portal operates as a reverse proxy when handling user traffic. This means that it must terminate any HTTPS connections, decrypt and then reestablish an onward HTTPS connection to the protected hosts. The Portal supports the use of multiple PKCS#12 files containing a certificate signed by a trusted CA (for the protected host) and the private key. An alternative to using multiple certs is a wild-card certificate, but this should be limited in scope because of the security implications in the event of its loss.
Proxied Entitlement Certificates - PKCS #12. Upload a PKCS #12 file which includes a CA signed wild-card certificate. Individual files can also be used - one for each entitlement's hostname.
File. Select the PKCS #12 file to upload.
Password. The password for the PKCS #12 file.
Verify Upstream. All upstream servers are checked for valid certificates that match their hostnames by default. See Adding third party certificates for more details