1. home icon for breadcrumbs >
  2. Proxy Configuration

Proxy configuration

This section explains how to use a proxy server to communicate with Qualys Cloud Platform.

 If a proxy connection fails, then the Cloud Agent does not use direct connection (Fail Closed).

Steps for Proxy Configuration

  1. Create the /Library/Application Support/QualysCloudAgent/Config/proxy file if it doesn't exist.
  2. Add one of the following commands in the proxy file: 
    https_proxy=https://[<username>:<password>@]<host>[:<port>]
    or
    qualys_https_proxy=https://[<username>:<password>@]<host>[:<port>]

    Specify the <username> and <password> if the https proxy uses authentication. URL-encode the special characters present in the username and password (@, ;, &). The <host> defines the proxy server's IPv4 address or FQDN and <port> defines the proxy's port number.

    If the proxy is specified with the https_proxy environment variable, it is used for all commands performed by the Cloud Agent. If the proxy is specified with the qualys_https_proxy environment variable, it is used to communicate with Qualys Cloud Platform only.

    Use the Proxy Configuration Encryption Utility to encrypt the username and password.
  3. Use the following commands to change the Cloud Agent permissions:
    chown root/Library/ApplicationSupport/QualysCloudAgent/Config/proxy

    chmod 660 /Library/Application Support/QualysCloudAgent/Config/proxy

Alternatively, you can set an automatic proxy by going to the Mac System Preferences > NetworkAdvanced > Proxies tab. Select Automatic Proxy Configuration and provide the PAC file.

Qualys proxy configured in the /QualysCloudAgent/Config/proxy file takes preference over any proxies set in System Preferences including Automatic Proxy, Web Proxy (HTTP), or Secure Web Proxy (HTTPS).

Bypass Proxy Mode

By default, the Cloud Agent for MacOS operates in non-proxy mode.

To prevent Cloud Agent from using a proxy, configure no_proxy variable in /Library/Application Support/QualysCloudAgent/Config/proxy. The no_proxy Environment variable  is used to bypass the proxy. Curl library honors the no_proxy environment variable. If no_proxy is set, curl does not use proxy even if any proxy environment variable is set.

Following are the steps to set no_proxy variable for Qualys Cloud Agent:

  1. Edit /Library/Application Support/QualysCloudAgent/Config/proxy file.
  2. Add the following command in qualys_https_proxy configuration:

    export qualys_https_proxy=https://[<username>:<password>@]<host>[:<port>]
    export no_proxy=<pod domain name>

 

© 2024 Qualys, Inc. All rights reserved. Privacy Policy.