Post

#11 - CyberArk Privilege Cloud | PSMP Proxy Configuration

Posted Updated
By cybrad
1 min read
#11 - CyberArk Privilege Cloud | PSMP Proxy Configuration
WARNING

Be Aware That This Is Currently Under Controlled Availability. For This To Be Supported You Need To Get Written Approval From PM, Contact Your Account Executive To Start This Process. If You Do Not, CyberArk Can’t Guarantee Support.

This video covers the PSMP connector install with a proxy for internet access. If you are not using a proxy server, please refer to this post for more details.

CyberArk KB - Proxy Configuration in Privilege Cloud

Video Preview

Objectives

  • LAB Overview
  • Install PSMP v13.2 using web proxy
  • Test PSMP

PSMP Install commands

Copy PrivilegedSessionManagerSSHProxy-RHELinux8-Intel64-Rls-vXX.X.zip file to PSMP server
1

scp "C:\Install\CyberArk Privilege Cloud_14.0_1700448236427\Privileged Cloud\Privileged Session Manager for SSH\PrivilegedSessionManagerSSHProxy-RHELinux8-Intel64-Rls-v14.0.zip" localadmin@psmp10:~

SSH to PSMP

Edit file /etc/dnf/dnf.conf using vi

1

sudo vi /etc/dnf/dnf.conf

Add the following line to the bottom.

1

proxy=http://webproxy.cybrad.au:3128

Install packages wget unzip and nano

1

sudo dnf install wget unzip nano

Edit environment variables.

1

sudo nano /etc/environment

Add the follwoing lines

1
2

http_proxy=http://webproxy.cybrad.au:3128
https_proxy=http://webproxy.cybrad.au:3128

1

sudo reboot

Tidy up files

1
2
3

mkdir PSMP
mv PrivilegedSessionManagerSSHProxy-RHELinux8-Intel64-Rls-v14.0.zip ./PSMP/
cd PSMP/

Download psmpwiz script

1

wget https://raw.githubusercontent.com/pCloudServices/psmpwiz/main/psmpwiz1320.sh

Change file permissions

1
2

chmod 755 CreateCredFile CARKpsmp-13.2.0.15.x86_64.rpm psmpwiz1320.sh
ls -ltr

Edit vault.ini

1

nano vault.ini

Upddate vault address on line 2

1

ADDRESS=vault-subdomain.privilegecloud.cyberark.cloud

Add in proxy details

1
2
3

PROXYTYPE=HTTPS
PROXYADDRESS=webproxy.cybrad.au
PROXYPORT=3128

Run psmpwiz script

1

sudo ./psmpwiz1320.sh

Edit psmpsrv-psmpserver.service file

1

sudo nano /usr/lib/systemd/system/psmpsrv-psmpserver.service

Append the follwoing on the line that starts wint Environment=

1

"HTTPS_PROXY=webproxy.cybrad.au:3128"

Daemon reload and restart service

1
2

sudo systemctl daemon-reload
sudo service psmpsrv restart

Troubleshooting

This command dispalys a live monitor of the PSMTrace log

1

sudo tail -f /var/opt/CARKpsmp/logs/PSMPTrace.log

Timeline

  • Intro 0:00
  • Lab Overview 0:26
  • Set installer user password 0:44
  • PSMP Install 1:08
  • Troubleshoot PSMP 6:41
  • Test PSMP 8:15
Privilege Cloud, PSMP, squid proxy
cyberark privilegecloud psmp squidproxy
This post is licensed under CC BY 4.0 by the author.