Author Topic: EA client on internet cannot obtain license from floating licence server (Azure)  (Read 4085 times)

christofn

  • EA Novice
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Hello,

I have a pro cloud server (PCS) v5.1 running in Azure. I have WebEA running on the PCS as well as floating license server (FLS). My EA client can obtain a shared license from FLS when my PC has a VPN connection into Azure. With the VPN connection, I can ping the fully qualified name (FQN) of the server; this FQN is used to tell the EA client where the FLS is. I have a server.pem certificate with the FQN on the server. The domain name of the server (and thus its FQN) is our AD domain and this is not available on the internet. So far so good, everything works as it should.
Not all the EA users in my organisation are entitled to a VPN connection into Azure. They need to connect to the FLS through https over the internet. They have to enter an URL as the FLS adres in the EA licence management\shared keystore selection window. This URL (https://....:443) is based on our public domain name (which is different from our AD domain name). Public DNS directs this URL to our Azure Application Gateway, which should redirect to the internal FLS adres based on the server FQN; internally the port used is 1805 (as 443 is already in use by WebEA which runs on the same PCS. I cannot get this to work from the internet, meaning the EA client does not manage to get a license from PCS (most likely because I made a configuration error).

Has anyone managed to get this setup working? I couldn't find any documentation from Sparx on this topic.

Thanks, Christof

Modesto Vega

  • EA Practitioner
  • ***
  • Posts: 1078
  • Karma: +28/-8
    • View Profile
Hi Christof, does your SSL certificate include both the internal and external FQN? The Certificate Subject Alternative Name can be used for this.

christofn

  • EA Novice
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
Hello Modesto, thanks for your reply. My SSL certificate currently does not include both the internal and external FQN. Good tip! I will give it a try. It will probably take a few days before I have feedback as I rely on other persons to make some of the required changes.