Secure HTTP (HTTPS) is already supported in Single Connect. Configurations are the same for both HTTP and HTTPS. All HTTP requests, responses, headers, and contents sent and received during the session are logged indisputably.

Although Single Connect secures all communication after authentication through HTTPS protocol, authentication is performed through the HTTP protocol by default on the web browser; this information can be obtained if the network is captured. To eliminate this risk, the HTTP Proxy can be configured to use the HTTPS protocol, even for proxy authentication.

To enable SSL on the HTTP Proxy, the http.proxy.ssl.enabled parameter should be set as true and the http.proxy.protocol parameter should be changed from HTTP to https. These parameters are located under /u01/http proxy/conf/http_proxy.properties. This property is used together with the http.proxy.host parameter - meaning that if the http.proxy.ssl.enabled parameter is set to true, the HTTP Proxy generates a certificate at runtime containing the given host as the Subject Alternative Name to ensure it is trusted by the browser. Otherwise, the browser will reject requests. Therefore, to configure HTTP Proxy settings on the browser or OS, the http.proxy.host parameter must be the same as the given host/IP.

To use this feature, the web browser must be started with the HTTPS protocol for authentication. For the Chrome instance, it must be started as follows in the end-user browser to start the session with SSL:

chrome --proxy-server=https://HTTP_PROXY_HOST:7080

As shown in the Chrome browser example, end-users must open other browsers differently. Since this feature affects the end-user experience, it must be configured carefully.

Learn how to enable SSL on the Single Connect HTTP Proxy to ensure secure authentication. Set specific parameters in the configuration file and start the web browser with the HTTPS protocol. Mitigate security risks by configuring this feature carefully fo

HTTP Proxy SSL/TLS Mode

Brute Force Protection

Adding a Web Page as a Device

HTTP Policy Configuration

HTTP Policy Realm

Single Connect HTTP Proxy Configuration

Reference Guide

PAM BU SC-Product Reference Guide

Single Connect Web GUI

License Manager

Email Server Configuration

Mail Management

Language Settings

Menu Lists Management

System Configuration Parameters

Enabling Push Notifications for Mobile Application

Backup Manager

Enabling HTTPS on the Single Connect Web GUI

802.1x Authentication

SAML Authentication

Hardware Security Module (HSM) Integration

Windows Authentication on the Single Connect GUI

Multitenancy

Single Connect Administration

Manual User Creation

Single Connect Users Search

User Definition Option Menu

Editing Single Connect Users

User Properties Set up 

Temporary User

Local User Bulk Import

New User Request

Force New User to Change Password 

User Password Strength Settings 

User Password Hash Algorithm Settings

Notifying Inactive Users Before Lock

LDAP/Active Directory Integration

User Group Creation

Assigned Credentials

SSH Keys Manager

User Management

Element Type

Device Groups 

Device Inventory

Device Management

Policy Key Definition

Policy Groups Definition

Policy Realm Definition

Policy Tracking

Policy Management

Managerial Approval for Connections 

Managerial Approval Reservation

Managerial Approval for Commands

Managerial Approval in Shared Account Password Manager (SAPM)

Approval Workflow

Approval Workflow SMS Settings

Approval Management

SSH Proxy

RDP Proxy

HTTP/S Proxy

Advanced Authorization Methods

Threat Analytics

Session Manager

Shared Accounts Password Management (SAPM)

Managing Application-to-Application Password Management (AAPM) Accounts

Secret Data Vault

Dynamic Password Controller

Sending MFA QR Codes to Users

Creating a Connection Between Single Connect and the Single Connect Mobile Application

Enabling One-Time Password (OTP)

Using MFA to Log in to the Single Connect Web GUI

Using MFA to Log in to the Single Connect Desktop Client

Using MFA for SSH Connections

Using MFA for RDP Connections

Using MFA for SSH Proxy

Using MFA for HTTP/HTTPS Proxy

OTP Configuration for TACACS+ Manager

Using MFA for Mobile Application

Offline/Online Mode Settings

Using SMS for MFA

Using Hardware Tokens for MFA

MFA Configurations for VPN Services

External MFA Providers

Using MFA for SFTP Proxy

Multi-Factor Authentication

Basic Configurations for TACACS+ Devices

MSCHAPv2 RADIUS Configuration

TACACS+ Management Configuration Page 

TACACS+ Access Manager

SQL Proxy

Sensitive Data Discovery

SFTP Proxy

Data Access Manager

Importing Devices from Amazon Web Services

Importing Devices from Microsoft Azure

Importing Devices from Google Cloud Platform

Cloud PAM

Single Connect Logs

Active Sessions and Dual Control

System Log Viewer

Viewing Logs in Different Time Formats

Log Backup Management and Archiving

SIEM Configuration

Reports 

Dashboard

Tamper Proof Logging

Single Connect Reporting and Logging Functions

Adding New Command Templates

Executing a Command Template

Adding a New Script

Running a Script

Creating a Workflow

Running a Workflow

Workflow History Logs

Privileged Task Automation Manager

Monitoring 

Alarms

Alarm Configuration

Monitoring & Alarms

Watchdog Configuration 

Watchdog Mechanism

High Availability

Failover Scenario

Visualizing Reports and User Rights

Creating Charts for Reporting

Creating Dashboards

Report Email Scheduling

Dynamic Reports

Reporting

Logical Architecture

Tenant Management Requirements 

Tenant Management Interface

Administration by Tenant Admins

System Config Manager Parameters

DevOps Integration

APPENDIX 1: System Config Manager Parameters

APPENDIX 2: Job Descriptions for Job Scheduler