Overview
You can let all communications between the mobile user devices and Cortado Server run through a proxy server. You will need the Cortado Proxy Extension for this. Proxy Extension is the DMZ component of Cortado Server. Mobile devices (Smartphones, Tablets) are connected to a proxy server, rather than to the Cortado server. And then the proxy server communicates with the Cortado server (and the Cortado server communicates with the mail server).
Although installation of Proxy Extension is optional, it is, nonetheless, a prerequisite for using the Sharing function (Virtual Data Rooms).
Note! Install the Cortado Proxy Extension before you proceed with the Cortado Server configuration.
Configure server settings
Make a server available in the DMZ to serve as proxy server (Windows Server 2012 or higher). This does not need to be a member of the same domain as Cortado Server. Log in to the proxy server as administrator.
- Open the Cortado Management console. Select Control Panel→ Global Settings→ Proxy and then Configure (arrow in illus.).
- Select Outbound proxy server if you use a proxy server for outbound connections (left in illus.) (recommended for environments with high security levels).
- Select the type of proxy server and enter the server address.
- Depending on the type, you can additionally set a user name and password under Use authentication (left in illus.).
- Select Inbound proxy server, to register your Proxy-Server for incoming connections (right in illus.).
- Enter the server address of the proxy server incl. the port.
- Close the window with click on OK.
Download certificates
Note! The Cortado server generates a server certificate (SSL) and a client certificate for the proxy server. These are derived from the root certificate of the Cortado server. If you use your own root certificate, or one you have purchased, it must be imported beforehand (with its private key) into the certificate store of the Cortado server.If you want to use a server certificate (SSL) that was purchased from an official certification authority: Import the purchased server certificate (SSL) into the Cortado server certificate store, and also into the proxy server, in Certificates (Local Computer)→ Personal→ Certificates. You can find an overview of the distribution of root and server certificates in the section Distribution of certificates.
- Now click on Download proxy certificates, to download the .zip file with the certificates (root, server and client certificates).
Note! You use the .zip file, even if you want to use a purchased server certificate for the proxy server.
- Assign a password to secure the certificates. You will need to enter this password later in the proxy server.
- Save the .zip file. The certificates contained therein must later be imported into the proxy server. Copy the .zip file to a directory on the proxy server.
Note! The client certificate for the proxy server is valid for one year. Download a new one before the certificate expires. Proceed as described in our guide How to extend the client certificate of the proxy server . Then run the Configuration Assistant on the proxy server again. Upload the new client certificate there.
Installation
- Copy the Cortado Proxy Extension.exe software into a directory on the proxy server.
- Some software components may have to be installed if necessary. Confirm with Install.
Note! During and after installation a Windows restart may be necessary.
- After installing the prerequisites, the Welcome window opens. Click here on Next.
- The Cortado Proxy Extension requires a Microsoft SQL Server 2012 Express (x64).
- You can install it by clicking on Yes on your Proxy server.
- Or use an existing one on another server by clicking on No.
- In this case, give the proxy admin account the right beforehand to create a database on the existing SQL Server.
- Select Install Proxy Extension (only), if you only want to use the server as a proxy, and don’t wish to use the Sharing option. Click Next to continue.
Note! If you’re using the Proxy Extension without the Sharing option, most of the following installation and configuration steps are not required. No database is installed and no admin account is entered. Just enter the name of the Cortado server in the configuration wizard and install root, server and client certificates.
- Select Install Proxy Extension (with On-Premise Sharing), if you want to use the Sharing option.
- Select database server local or select an other server. Click Next to continue.
- In the next window you can designate the destination folder.
- Click Next and Cortado Proxy Extension will be installed under C:\Program Files\Cortado Proxy Extention.
- If you prefer a different folder, click Change.
- Click Next to continue.
- Start the installation.
- Now install another software component (Cortado Output Gateway).
- Click on Finish to complete the installation and then restart the server.
Initial configuration
- The configuration assistant starts automatically. In the Welcome window, click on Next.
- Enter the password of the local administrator account which you used to perform the installation.
- Determine here whether external Sharing users will be permitted to use simple passwords. If the Allow simple password for external users checkbox is cleared, then the Windows complexity conditions that you specified for your Windows servers will be applied automatically.
- Enter the server name of the Cortado servers and the proxy server.
- If you need to use the SQL database that was created during the installation of the proxy server, leave the default setting ((local)\sqlexpress) bei. Otherwise, enter the SQL server here.
- You can click on Next if you don’t want to make any changes here, as they are optional. Alternatively, you can click on Select to define the paths to User Storage and to the Projects folder.
- Now select Import certificates from zip archive (arrow in illus.), to import your .zip file with the certificates that were generated earlier in the management console (see Download certificates).
- Click on Browse (upper arrow in illus.) to select the .zip file with the certificates (that you copied earlier from the Cortado server to the proxy server). Then enter the certificate password (middle arrow in illus.), that you assigned earlier when downloading the certificates to the Cortado server. Then select Import (lower arrow in illus.).
- You will now be able to see the certificates in the overview.
Note! If you want to use a server certificate (SSL) that was purchased from an official certification authority (e.g. Symantec or Thawte), or one generated by your own certification authority, select it now, under Select the server certificate (SSL)… aus. The purchased/self-generated server certificate (SSL) must have been previously imported into both the certificate store of the Cortado server and into the proxy server, in Certificates (Local Computer)→ Personal→ Certificates.
- Click on Proceed to continue with the basic configuration.
- To conclude the configuration, click on Close.
If you want to make the Sharing option available to your users, proceed as described in the section Sharing.