Management Console Launcher for systems without Internet connectivity
search cancel

Management Console Launcher for systems without Internet connectivity

book

Article ID: 169208

calendar_today

Updated On:

Products

ProxySG Software - SGOS Advanced Secure Gateway Software - ASG

Issue/Introduction

SGOS 6.6.5.1 and Advanced Secure Gateway (ASG) 6.6.5.1 introduced Java Web Start support, which provides an alternative for deployments that cannot use the legacy method of accessing the console directly in a browser. The Management Console Launcher allows you to manage and launch multiple SGOS or Advanced Secure Gateway Management Console instances from a single interface.

Note: For systems running Java 11, see Support for Java 11 on ProxySG and Advanced Secure Gateway appliances.

Resolution

Please Note
The following instructions are only for systems that do not have Internet access.

  1. Download the loader.jar file attached to this article.
    Alternatively, download the file from the appliance. Enter the following address in a browser:
    https://<appliance_address>:8082/Secure/Local/console/r<build_number>/loader.jar)
    where <build_number> is the Release ID of the default system in the output for #(config installed-systems)view
  2. Host the JAR file on a local web server in the isolated environment.
  3. Create a new text file called launcher.jnlp.
  4. Add the following code to the JNLP file:
    <?xml version="1.0" encoding="UTF-8"?>
    <jnlp spec="1.5+" codebase="https://internal.website.example.com">
        <information>
            <title>Launch the Management Console with Java Web Start</title>
            <vendor>Symantec Corporation</vendor>
            <offline-allowed/>
        </information>
        <security>
            <all-permissions />
        </security>
        <resources>
            <java version="1.8+" href="http://java.sun.com/products/autodl/j2se"
             java-vm-args="--add-opens=java.base/java.net=ALL-UNNAMED --add-exports=jdk.javaws/com.sun.jnlp=ALL-UNNAMED --add-opens=java.base/sun.net.www.protocol.http=ALL-UNNAMED --add-exports=java.base/sun.net.www.protocol.jar=ALL-UNNAMED --add-opens=jdk.deploy/com.sun.deploy.net.protocol.jar=ALL-UNNAMED --add-exports=jdk.deploy/com.sun.deploy.security=ALL-UNNAMED --add-opens=jdk.deploy/com.sun.deploy.net.protocol.https=ALL-UNNAMED --add-opens=java.desktop/javax.swing=ALL-UNNAMED --add-opens=java.desktop/javax.swing.plaf.basic=ALL-UNNAMED --add-exports=java.base/sun.security.x509=ALL-UNNAMED --add-exports=java.base/sun.net.util=ALL-UNNAMED"/>
            <jar href="example-URL-to-file/loader.jar" main="true" download="lazy" />
         </resources>
    <application-desc name="Loader" main-class="bluecoat.sgos.ui.loader.Loader" width="300" height="200">
                <argument>SGHOST= </argument>
                <argument>SGPORT=8082</argument>
                <argument>SGPROTOCOL=https</argument>
        </application-desc>
    </jnlp>
  5. Modify the file contents as follows:
  • For jnlp codebase=  specify the root of JAR file location.
  • In the <resources> section, for jar href= specify the path to the JAR filename relative to the code base.
  • (Optional) In the <application-desc> section, for the SGHOST= argument, specify an appliance IP address. The Launcher will open with this address configured by default. Otherwise, leave a space after SGHOST=.

Details on JNLP syntax can be found here http://docs.oracle.com/javase/7/docs/technotes/guides/javaws/developersguide/syntax.html

Additional Information

Depending on the security requirements of your system and the certificates you already have installed on your system, you might need to download and install a new root and intermediate Certificate for the Java Management Console Launcher to work.

Attachments

1697658551640__loader.jar get_app