Dark ZAC with Management API on Localhost 18441


I am working through a new configuration for the controller that I have not used before.

  1. Dark ZAC. I have this working on https://n2.zac.ziti:8888/login


  1. Running the Controller Management API on local host.


After making the necessary changes, I can still access ZAC over a ziti address

However, when I attempt to login, it fails.

My Understanding

Because the management API is now running on 18441… I need to create a new console config.

However… when I enter the new details… I cannot set the controller.

Any tips?

What I believe after thinking through this that it is possible to set this up.

For instance, I could make a new private DNS for the management API… but this would not be enough because I would then need to use the NodeJS SDK to tunnel into the localhost

So… I am a bit stuck with this…

Any tips / comments / suggestions ?

The URL you enter for ZAC on this screen, must be addressable by the ZAC server, not your local client. This is most easily tested by ssh’ing to the machine running ZAC, and then running a curl -sk https://_controller_url_:_port_ - like : curl -sk If you cannot do that, the ‘set controller’ button won’t work.

Start by ssh’ing to the machine running ZAC and try the curl: curl -sk

If that succeeds (i’ll be shocked, but it’s possible) then post back here. If you are running your ZAC co-located with your controller, you should not use, you should use https://localhost:18441`

Make sense?

My guess is that your web ACL or a local firewall is blocking 18441 - which you probably want anyway, right? That means if it were me, I would not open port 18441, otherwise what you’re doing isn’t worth it :).

1 Like

I can see how why this is not possible.