Configuring the PCoIP Connection Manager and PCoIP Security Gateway¶
You can configure the PCoIP Connection Manager and/or the Security Gateway using the pcoip-cmsg-setup configure
command.
The general syntax is:
sudo pcoip-cmsg-setup configure <flags>
For example, to specify a broker url, you would open a console window and enter the following:
sudo pcoip-cmsg-setup configure --broker-url https://<example>
Configuration Flags and Options¶
The following flags can be used to provide values at the command line.
Flag | Type | Description |
---|---|---|
--broker-url |
String | The URL of the PCoIP Broker, specified either as a https:// Required. |
--clear-host-address |
Boolean | Clears the host address. |
--ca-cert |
String | The full path and filename of the custom Certificate Authority's public certificate to be used in the PCoIP Connection Manager and PCoIP Security Gateway. Required if --self-signed is not used. |
--clear-trusted-license |
Boolean | Clears trusted license certificate and key. |
--compose-file |
String | Specify the full path to a local docker-compose file. |
--docker-password |
String | Password to login to private registry. |
--docker-registry |
String | Specifies the HP source for Anyware Connector images to be install from. Debugging only: This is intended to be used for debugging purposes and should not be used without guidance from HP support. Using this flag incorrectly can result in failed installations. |
--docker-username |
String | Username to login to private registry. |
--enable-collaboration |
Boolean | Allow multiple PCoIP clients to collaborate on a PCoIP agent. (default true) |
--external-pcoip-ip |
StringArray | Sets the public IP addresses of VM which hosts Security Gateway. This option can be used twice, once for IPv4 and once for IPv6 (if using). Required if PCoIP Security Gateway is enabled. |
--help |
Display configuration help. | |
--host-address |
stringArray | Sets the host FQDN/IP address. The option may be used twice (once for the IP address and once for the FQDN) |
--license-server-url |
String | The address of the locally installed PCoIP License Server. Example: https://<license-server-address>:<port> |
--ssl-cert |
String | The full path and filename of the SSL certificate to be used in the PCoIP Connection Manager and PCoIP Security Gateway. Required if --self-signed is not used. |
--ssl-key |
String | The full path and filename of the SSL key to be used in the PCoIP Connection Manager and PCoIP Security Gateway. Required if --self-signed is not used. |
--trusted-license-cert |
String | Trusted Customer License certificate path. Defaults to /opt/teradici/pcoipcm_data/certs/tcl-cert.crt). |
--trusted-license-cert-key |
String | Trusted Customer License certificate key path. Defaults to /opt/teradici/pcoipcm_data/certs/tcl-cert.key. |
--docker-network-cidr |
String | Sets CIDR for Connection Manager's docker network for services. |
--enable-horizon |
Boolean | Enables/Disables HP Anyware to be brokered with VMware Horizon (Default=false). |
--external-sg-ip |
StringArray | Sets public IP addresses of external Security Gateways to enable gateway failover if a Security Gateway becomes unavailable. IP address should be provided in the format --external-sg-ip=ipAddr1 --external-sg-ip=ipAddr2... |
--jwt-verifying-cert |
String | The full path and filename of the certificate that the Security Gateway should use to validate the JWT token. |
--jwt-signing-key |
String | The full path and filename of the key to sign a JWT. It is used by the Connection Manager for signing the JWT token. |
Federated Authentication Flags
Flag | Type | Description |
---|---|---|
--enable-oauth |
Boolean | Enables Oauth authentication. (Default=False) |
--id-provider-url |
String | Sets the identity provider URL. Example: --id-provider-url https://provider-1234567890.id.provider.com. This flag is required if --enable-oauth is true . |
--oauth-client-id |
String | Gets the Client ID from the Identity Provider. This flag is also required if --enable-oauth is "true". |
Federated Authentication Single Sign-On Flags
Flag | Type | Description |
---|---|---|
--fa-url |
String | Override the fhe Federated Auth Broker URL provided to the PCoIP Agent. This flag can be used if auto-detection is not correcting determining the connector address. for example https://cac-vm-fqdn:port |
--enable-sso |
Boolean | Enables SSO. (Default=False) |
--sso-signing-csr-ca |
String | Path to copy intermediate CA Certificate. |
--sso-signing-csr-key |
String | Path to the intermediate key. |
--sso-signing-crl |
String | Path to a certificate revocation list. |
--sso-enrollment-url |
String | Gets the URL to the Active Directory Certification Authority Web Enrollment Service. |
--sso-enrollment-domain |
String | Domain of the user to access Active Directory Certification Authority Web Enrollment Service. |
--sso-enrollment-username |
String | Username for accessing Active Directory Certification Authority Web Enrollment Service. |
--sso-enrollment-password |
String | Password for the username to access Active Directory Certification Authority Web Enrollment Service. |
--sso-enrollment-certificate-template-name |
String | Name of the certificate template that Active Directory Certification Authority Web Enrollment Service uses to sign CSR. |