diff --git a/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf b/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf
index a4926f4ae..1d19fd099 100644
--- a/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf
+++ b/zabbix-appliance/rhel/conf/etc/php-fpm.d/zabbix.conf
@@ -2,6 +2,8 @@
 
 listen = /tmp/php-fpm.sock
 
+clear_env = no
+
 pm = dynamic
 pm.max_children = 50
 pm.start_servers = 5
@@ -16,10 +18,10 @@ php_admin_flag[log_errors] = on
 php_value[session.save_handler] = files
 php_value[session.save_path]    = /var/lib/php/session
 
-php_value[max_execution_time]= 300
-php_value[memory_limit]= 128M
-php_value[post_max_size]= 16M
-php_value[upload_max_filesize]= 2M
-php_value[max_input_time]= 300
-php_value[max_input_vars]= 10000
-; php_value[date.timezone]= Europe/Riga
+php_value[max_execution_time] = ${ZBX_MAXEXECUTIONTIME}
+php_value[memory_limit] = ${ZBX_MEMORYLIMIT}
+php_value[post_max_size] = ${ZBX_POSTMAXSIZE}
+php_value[upload_max_filesize] = ${ZBX_UPLOADMAXFILESIZE}
+php_value[max_input_time] = ${ZBX_MAXINPUTTIME}
+php_value[max_input_vars] = 10000
+php_value[date.timezone] = ${PHP_TZ}
diff --git a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php
index 29f041457..920b8ab1c 100644
--- a/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php
+++ b/zabbix-appliance/rhel/conf/etc/zabbix/web/zabbix.conf.php
@@ -2,37 +2,49 @@
 // Zabbix GUI configuration file.
 global $DB, $HISTORY;
 
-$DB['TYPE']     = 'MYSQL';
-$DB['SERVER']   = '{DB_SERVER_HOST}';
-$DB['PORT']     = '{DB_SERVER_PORT}';
-$DB['DATABASE'] = '{DB_SERVER_DBNAME}';
-$DB['USER']     = '{DB_SERVER_USER}';
-$DB['PASSWORD'] = '{DB_SERVER_PASS}';
+$DB['TYPE']     = getenv('DB_SERVER_TYPE');
+$DB['SERVER']   = getenv('DB_SERVER_HOST');
+$DB['PORT']     = getenv('DB_SERVER_PORT');
+$DB['DATABASE'] = getenv('DB_SERVER_DBNAME');
+$DB['USER']     = getenv('DB_SERVER_USER');
+$DB['PASSWORD'] = getenv('DB_SERVER_PASS');
 
 // Schema name. Used for IBM DB2 and PostgreSQL.
-$DB['SCHEMA'] = '{DB_SERVER_SCHEMA}';
+$DB['SCHEMA'] = getenv('DB_SERVER_SCHEMA');
 
-$ZBX_SERVER      = '{ZBX_SERVER_HOST}';
-$ZBX_SERVER_PORT = '{ZBX_SERVER_PORT}';
-$ZBX_SERVER_NAME = '{ZBX_SERVER_NAME}';
+$ZBX_SERVER      = getenv('ZBX_SERVER_HOST');
+$ZBX_SERVER_PORT = getenv('ZBX_SERVER_PORT');
+$ZBX_SERVER_NAME = getenv('ZBX_SERVER_NAME');
 
 // Used for TLS connection.
-$DB['ENCRYPTION']		= {ZBX_DB_ENCRYPTION};
-$DB['KEY_FILE']			= '{ZBX_DB_KEY_FILE}';
-$DB['CERT_FILE']		= '{ZBX_DB_CERT_FILE}';
-$DB['CA_FILE']			= '{ZBX_DB_CA_FILE}';
-$DB['VERIFY_HOST']		= {ZBX_DB_VERIFY_HOST};
-$DB['CIPHER_LIST']		= '{ZBX_DB_CIPHER_LIST}';
+$DB['ENCRYPTION']		= getenv('ZBX_DB_ENCRYPTION') == 'true' ? true: false;
+$DB['KEY_FILE']			= getenv('ZBX_DB_KEY_FILE');
+$DB['CERT_FILE']		= getenv('ZBX_DB_CERT_FILE');
+$DB['CA_FILE']			= getenv('ZBX_DB_CA_FILE');
+$DB['VERIFY_HOST']		= getenv('ZBX_DB_VERIFY_HOST') == 'true' ? true: false;
+$DB['CIPHER_LIST']		= getenv('ZBX_DB_CIPHER_LIST') ? getenv('ZBX_DB_CIPHER_LIST') : '';
 
 // Use IEEE754 compatible value range for 64-bit Numeric (float) history values.
 // This option is enabled by default for new Zabbix installations.
 // For upgraded installations, please read database upgrade notes before enabling this option.
-$DB['DOUBLE_IEEE754']	= {DB_DOUBLE_IEEE754};
+$DB['DOUBLE_IEEE754']	= getenv('DB_DOUBLE_IEEE754') == 'true' ? true: false;
 
 
 $IMAGE_FORMAT_DEFAULT	= IMAGE_FORMAT_PNG;
 
 // Elasticsearch url (can be string if same url is used for all types).
-$HISTORY['url']   = '{ZBX_HISTORYSTORAGEURL}';
+$history_url = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGEURL'));
+$HISTORY['url']   = (json_decode($history_url)) ? json_decode($history_url) : $history_url;
 // Value types stored in Elasticsearch.
-$HISTORY['types'] = {ZBX_HISTORYSTORAGETYPES};
+$storage_types = str_replace("'","\"",getenv('ZBX_HISTORYSTORAGETYPES'));
+
+$HISTORY['types'] = (json_decode($storage_types)) ? json_decode($storage_types) : array();
+
+// Used for SAML authentication.
+// Uncomment to override the default paths to SP private key, SP and IdP X.509 certificates, and to set extra settings.
+$SSO['SP_KEY']			= file_exists('/etc/zabbix/web/certs/sp.key') ? '/etc/zabbix/web/certs/sp.key' : '';
+$SSO['SP_CERT']			= file_exists('/etc/zabbix/web/certs/sp.crt') ? '/etc/zabbix/web/certs/sp.crt' : '';
+$SSO['IDP_CERT']		= file_exists('/etc/zabbix/web/certs/idp.crt') ? '/etc/zabbix/web/certs/idp.crt' : '';
+
+$sso_settings = str_replace("'","\"",getenv('ZBX_SSO_SETTINGS'));
+$SSO['SETTINGS']		= (json_decode($sso_settings)) ? json_decode($sso_settings) : array();
diff --git a/zabbix-appliance/rhel/docker-entrypoint.sh b/zabbix-appliance/rhel/docker-entrypoint.sh
index 3dfa2d7f1..7d75983e0 100755
--- a/zabbix-appliance/rhel/docker-entrypoint.sh
+++ b/zabbix-appliance/rhel/docker-entrypoint.sh
@@ -527,22 +527,10 @@ update_zbx_config() {
 
 
 prepare_zbx_web_config() {
-    local server_name=""
-
     echo "** Preparing Zabbix frontend configuration file"
 
-    ZBX_WWW_ROOT="/usr/share/zabbix"
-    ZBX_WEB_CONFIG="$ZABBIX_ETC_DIR/web/zabbix.conf.php"
-
     PHP_CONFIG_FILE="/etc/php-fpm.d/zabbix.conf"
 
-    update_config_var "$PHP_CONFIG_FILE" "php_value[max_execution_time]" "${ZBX_MAXEXECUTIONTIME:-"600"}"
-    update_config_var "$PHP_CONFIG_FILE" "php_value[memory_limit]" "${ZBX_MEMORYLIMIT:-"128M"}"
-    update_config_var "$PHP_CONFIG_FILE" "php_value[post_max_size]" "${ZBX_POSTMAXSIZE:-"16M"}"
-    update_config_var "$PHP_CONFIG_FILE" "php_value[upload_max_filesize]" "${ZBX_UPLOADMAXFILESIZE:-"2M"}"
-    update_config_var "$PHP_CONFIG_FILE" "php_value[max_input_time]" "${ZBX_MAXINPUTTIME:-"300"}"
-    update_config_var "$PHP_CONFIG_FILE" "php_value[date.timezone]" "${PHP_TZ}"
-
     if [ "$(id -u)" == '0' ]; then
         echo "user = zabbix" >> "$PHP_CONFIG_FILE"
         echo "group = zabbix" >> "$PHP_CONFIG_FILE"
@@ -550,40 +538,37 @@ prepare_zbx_web_config() {
         echo "listen.group = nginx" >> "$PHP_CONFIG_FILE"
     fi
 
-    ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"}
+    export ZBX_MAXEXECUTIONTIME=${ZBX_MAXEXECUTIONTIME:-"600"}
+    export ZBX_MEMORYLIMIT=${ZBX_MEMORYLIMIT:-"128M"}
+    export ZBX_POSTMAXSIZE=${ZBX_POSTMAXSIZE:-"16M"}
+    export ZBX_UPLOADMAXFILESIZE=${ZBX_UPLOADMAXFILESIZE:-"2M"}
+    export ZBX_MAXINPUTTIME=${ZBX_MAXINPUTTIME:-"300"}
+    export PHP_TZ=${PHP_TZ:-"Europe/Riga"}
 
-    # Escaping characters in parameter value
-    server_name=$(escape_spec_char "${ZBX_SERVER_NAME}")
-    server_user=$(escape_spec_char "${DB_SERVER_ZBX_USER}")
-    server_pass=$(escape_spec_char "${DB_SERVER_ZBX_PASS}")
-    history_storage_url=$(escape_spec_char "${ZBX_HISTORYSTORAGEURL}")
-    history_storage_types=$(escape_spec_char "${ZBX_HISTORYSTORAGETYPES}")
+    export DB_SERVER_TYPE="MYSQL"
+    export DB_SERVER_HOST=${DB_SERVER_HOST}
+    export DB_SERVER_PORT=${DB_SERVER_PORT}
+    export DB_SERVER_DBNAME=${DB_SERVER_DBNAME}
+    export DB_SERVER_SCHEMA=${DB_SERVER_SCHEMA}
+    export DB_SERVER_USER=${DB_SERVER_ZBX_USER}
+    export DB_SERVER_PASS=${DB_SERVER_ZBX_PASS}
+    export ZBX_SERVER_HOST="localhost"
+    export ZBX_SERVER_PORT="10051"
+    export ZBX_SERVER_NAME=${ZBX_SERVER_NAME}
 
-    ZBX_DB_KEY_FILE=$(escape_spec_char "${ZBX_DB_KEY_FILE}")
-    ZBX_DB_CERT_FILE=$(escape_spec_char "${ZBX_DB_CERT_FILE}")
-    ZBX_DB_CA_FILE=$(escape_spec_char "${ZBX_DB_CA_FILE}")
+    export ZBX_DB_ENCRYPTION=${ZBX_DB_ENCRYPTION:-"false"}
+    export ZBX_DB_KEY_FILE=${ZBX_DB_KEY_FILE}
+    export ZBX_DB_CERT_FILE=${ZBX_DB_CERT_FILE}
+    export ZBX_DB_CA_FILE=${ZBX_DB_CA_FILE}
+    export ZBX_DB_VERIFY_HOST=${ZBX_DB_VERIFY_HOST-"false"}
+
+    export DB_DOUBLE_IEEE754=${DB_DOUBLE_IEEE754:-"true"}
+
+    export ZBX_HISTORYSTORAGEURL=${ZBX_HISTORYSTORAGEURL}
+    export ZBX_HISTORYSTORAGETYPES=${ZBX_HISTORYSTORAGETYPES:-"[]"}
+
+    export ZBX_SSO_SETTINGS=${ZBX_SSO_SETTINGS:-""}
 
-    sed -i \
-        -e "s/{DB_SERVER_HOST}/${DB_SERVER_HOST}/g" \
-        -e "s/{DB_SERVER_PORT}/${DB_SERVER_PORT}/g" \
-        -e "s/{DB_SERVER_DBNAME}/${DB_SERVER_DBNAME}/g" \
-        -e "s/{DB_SERVER_SCHEMA}/${DB_SERVER_SCHEMA}/g" \
-        -e "s/{DB_SERVER_USER}/$server_user/g" \
-        -e "s/{DB_SERVER_PASS}/$server_pass/g" \
-        -e "s/{ZBX_SERVER_HOST}/localhost/g" \
-        -e "s/{ZBX_SERVER_PORT}/10051/g" \
-        -e "s/{ZBX_SERVER_NAME}/$server_name/g" \
-        -e "s/{ZBX_DB_ENCRYPTION}/${ZBX_DB_ENCRYPTION:-"false"}/g" \
-        -e "s/{ZBX_DB_KEY_FILE}/${ZBX_DB_KEY_FILE}/g" \
-        -e "s/{ZBX_DB_CERT_FILE}/${ZBX_DB_CERT_FILE}/g" \
-        -e "s/{ZBX_DB_CA_FILE}/${ZBX_DB_CA_FILE}/g" \
-        -e "s/{ZBX_DB_VERIFY_HOST}/${ZBX_DB_VERIFY_HOST:-"false"}/g" \
-        -e "s/{ZBX_DB_CIPHER_LIST}/${ZBX_DB_CIPHER_LIST}/g" \
-        -e "s/{DB_DOUBLE_IEEE754}/${DB_DOUBLE_IEEE754:-"true"}/g" \
-        -e "s/{ZBX_HISTORYSTORAGEURL}/$history_storage_url/g" \
-        -e "s/{ZBX_HISTORYSTORAGETYPES}/$history_storage_types/g" \
-    "$ZBX_WEB_CONFIG"
-        
     if [ -n "${ZBX_SESSION_NAME}" ]; then
         cp "$ZBX_WWW_ROOT/include/defines.inc.php" "/tmp/defines.inc.php_tmp"
         sed "/ZBX_SESSION_NAME/s/'[^']*'/'${ZBX_SESSION_NAME}'/2" "/tmp/defines.inc.php_tmp" > "$ZBX_WWW_ROOT/include/defines.inc.php"