Setting up and upgrading PrivX with custom network ports

These instructions describe how to set up and upgrade PrivX running on custom ports. The port number used in this example is 9443.

Setting Up

  1. Add port to SELinux
    $ semanage port -a -t http_port_t -p tcp 9443

  2. Add port to firewall and restart
    $ firewall-cmd --zone=public --permanent --add-port=9443/tcp
    $ service firewalld restart

  3. Change port 443 to 9443 in Nginx and restart
    $ vi /etc/nginx/conf.d/privx.conf
    $ service nginx restart

  4. Add :9443 to addresses in PrivX and restart
    $ vi /opt/privx/etc/shared-config.toml

server {
        listen                          9443 ssl http2;

        client_max_body_size            1M;

        ssl_protocols                   TLSv1.2;
        ssl_prefer_server_ciphers       on;
        ssl_ciphers                     'AESGCM+EECDH:AESGCM+EDH:AES+EECDH:AES+EDH:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:-DSS:-EDH';
        ssl_session_cache               shared:SSL:10m;
        ssl_certificate                 /etc/nginx/ssl/nginx.crt;
        ssl_certificate_key             /etc/nginx/ssl/nginx.key;

        include                         privx/privx-common.conf;
        include                         privx/privx-csp.conf;
        include                         privx/privx-https-location.conf;

$ service privx restart

  1. Connect to PrivX with browser


  1. After upgrading PrivX overwrite Nginx privx.conf with old file
    $ cp /etc/nginx/conf.d/privx.conf-old /etc/nginx/conf.d/privx.conf

  2. Restart Nginx
    $ service nginx restart

Was this page helpful?