Cloud Agent for Linux Intel Release 7.2.1
Limited Customer Release
July 10, 2025
Bypass Proxy and Server SSL Verification
We have introduced new options — Bypass Proxy and Bypass Server SSL Verification, in the Vault Configuration profile, to allow you to bypass the configured proxies and server SSL verification while connecting to the CyberArk vault.
These options help reduce the connection failure instances to the CyberArk Vault by avoiding vault connections with failed proxies and skipping server authentication for expired SSL certificates.
The Bypass Proxy and Bypass Server SSL Verification has limited availability. To avail these options, contact your Technical Account Manager (TAM) or Qualys Support.
To enable these options, in the Cloud Agent user interface, navigate to Configuration > Vault > New Secure Vault Connection.
Bypass Proxy: When proxies are configured, Cloud Agent routes all its outbound connections via a proxy. If you enable the Bypass Proxy option, Cloud Agent attempts a direct connection to the CuberArk Vault, bypassing the configured proxies.
By default, this feature is enabled for all vault configuration profiles, meaning the Cloud Agent attempts a direct connection to the CyberArk Vault.
Bypass Server SSL Verification: Select this checkbox to bypass the server SSL verification. You can use this option when the server authentication can not be done due to some environmental issues, such as HTTPS certificate expiration.
By default, this option is disabled, meaning the Cloud Agent will follow the normal authentication process while connecting to the CyberArk vault.
| Required application version | Cloud Agent Application 2.1.0 |
Known Issues
The following important issues are observed for this release:
- When the qualys_https_proxy is configured in the /etc/environment, the Cloud Agent connects to the CyberArk vault via the configured qualys_https_proxy. Ideally, if the proxy is specified with the qualys_https_proxy environment variable, it should be used only for communicating with the Qualys Cloud Platform.
- If an expired or invalid certificate is appended to custom-ca.crt and server SSL verification is enabled, then Cloud Agent fails to communicate with Qualys Cloud Platform.
- Cloud Agent does not use the PAC Proxy configuration for Database Authentication URL, even when the PAC proxy is allowed for connection.
- If you use the space character in any of the fields, such as object name, safe name, or application ID, the CyberArk vault connection fails.