Admin Center - zcabrer/proxylab GitHub Wiki

Proxy Lab Admin Center Documentation

Welcome to the Proxy Lab Admin Center Documentation! This page provides detailed descriptions of all the administrative tools available in Proxy Lab. These tools are designed to help you manage and monitor your Proxy Lab server effectively.

1. HTTPS Configuration Tool

Description

The HTTPS Configuration Tool allows you to enable HTTPS on the server by uploading a password-protected .pfx file (certificate) and its associated password. This ensures secure communication between clients and the server.

How to Use

  1. Navigate to the HTTPS Configuration Tool in the Admin Center.
  2. Upload a .pfx file containing the certificate and private key:
    • Click the Choose File button and select your .pfx file.
  3. Enter the password for the .pfx file in the password field.
  4. Click the Upload button to submit the certificate.
  5. Restart the server manually for the changes to take effect.

Note:

  • Ensure the .pfx file includes the full certificate chain (leaf, intermediate, root).
  • This feature is only supported for local deployment or Azure VM deployment. For Azure Container Instance, use Key Vault integration (see below). For HTTPS and custom domain in App Service, use the App Service built-in tools.

HTTPS Configuration in Azure Container Instance

Prerequisites

  • Review the ACI deployment guide.
  • KeyVault that uses Access Policies in the same tenant as the ACI
  • A good certificate uploaded to KeyVault

Key Vault Integration for HTTPS in Azure Container Instance

To enable HTTPS running on Azure Container Instance (ACI) using Azure Key Vault integration, follow these steps:

  1. Set useKeyVault Parameter to true
    When deploying the ACI using the ARM/Bicep template, set the useKeyVault parameter to true. This tells the deployment to enable Key Vault integration for certificate retrieval.

  2. Provide Key Vault Name and Certificate Name
    Supply the keyVaultName and keyVaultCertificateName parameters with the name of your Azure Key Vault and the name of the certificate stored in it.

    • Example parameters:
      • KEYVAULT_NAME: Your Key Vault's name
      • KEYVAULT_CERTIFICATE_NAME: The name of the certificate in Key Vault

  3. Assign Key Vault Access Policy to ACI Managed Identity
    When useKeyVault is true, the ACI is deployed with a system-assigned managed identity.

    • Go to the Azure Portal → your Key Vault → Access policies
    • Click + Add Access Policy
    • Select Secret Management template (or manually select "Get" permission for Secrets)
    • Under Principal, search for and select the name of your ACI (the container group name)
    • Click Add and then Save to apply the policy

  4. Review Key Vault Network Settings
    Ensure your Key Vault allows public access so the ACI can reach it:

    • Go to Key Vault → SettingsNetworking
    • Under Firewalls and virtual networks, set "Allow public access from all networks" (or configure as needed for your environment)

  5. Restart the ACI
    After updating access policies or network settings, restart the ACI:

    • Go to your ACI in the Azure Portal
    • On the Overview page, click Restart

  6. Verify HTTPS in Container Logs

    • Go to your ACI → SettingsContainersLogs tab
    • Check the logs for confirmation that HTTPS is running
    • If there are issues (e.g., Key Vault access errors), the logs will display relevant error messages

Note:

If HTTPS does not start, double-check the Key Vault access policy, network settings, and that the certificate exists and is valid in Key Vault.

2. Packet Capture Tool

Description

The Packet Capture Tool allows you to capture network traffic on the server and save it as a .pcap file. This file can be downloaded and analyzed using tools like Wireshark, making it useful for debugging and network analysis.

How to Use

  1. Navigate to the Packet Capture Tool in the Admin Center.
  2. Start capturing packets:
    • Click the Start Capture button to begin capturing network traffic.
  3. Stop capturing packets:
    • Click the Stop Capture button to end the capture. (This button is enabled only after starting the capture.)
  4. Download the .pcap file:
    • Once the capture is stopped, a Download Capture button will appear. Click it to download the file.

3. Live Logs Tool

Description

The Live Logs Tool provides real-time monitoring of HTTP requests processed by the server. This tool uses WebSockets to stream logs directly to your browser, allowing you to observe server activity as it happens.

How to Use

  1. Navigate to the Live Logs Tool in the Admin Center.
  2. View the logs in the log display area. Logs are displayed in the following format: