Configuring proxy access

If the Stormshield KMaaS is located behind a proxy in your infrastructure, the service must be configured to enable the use of this proxy. To do so, add the URL of the proxy and any exclusions to the configuration file.

In RPM mode

Run the following command:
# systemctl edit cse.service
The override.conf configuration file is created in the /etc/systemd/system/cse.service.d directory if it was installed in the default directory.
Edit the file and copy the following text containing the environment variable for the proxy's URL:
[Service]

Environment="https_proxy=https://my-proxy.my-domain"

Where https://my-proxy.my-domain is the URL of the proxy used.
If you need to exclude certain endpoints from the proxy, declare them in the same file via the no_proxy environment variable. The possible values for this variable are the following:
- The * character means that all endpoints are excluded. This is equivalent to disabling the proxy.
- A domain, for example domain.com,
- A domain suffix, for example .domain.com,
- A v4 or v6 IP address, for example 192.168.1.10 or 2001:67c:2e8:22::c100:68b,
- A v4 or v6 IP address in CIDR, for example 172.30.0.0/16 or 2001:67c:2e8:22::c100:68b/128.
The different values must be separated by commas.

EXAMPLE
Example of a file cse.service in which the proxy is configured and different endpoints are excluded from the proxy:
[Service]
Environment="https_proxy=https://my-proxy.my-domain"
Environment="no_proxy=domain.com,192.168.1.10,2001:67c:2e8:22::c100:68b/128"
Reload the systemd service using the following command:
# systemctl daemon-reload
Start the systemd service using the following command:
# systemctl start cse
A startup log indicates that the service is launched in proxy mode. For more information, refer to Stormshield KMaaS Log Guide.