• Forums
    • Public Forums
      • Community Connect
      • Dynatrace
        • Dynatrace Open Q&A
      • Application Monitoring & UEM
        • AppMon & UEM Open Q&A
      • Network Application Monitoring
        • NAM Open Q&A
  • Home /
  • Public Forums /
  • Network Application Monitoring /
  • NAM Open Q&A /
avatar image
Question by Wai C. · Dec 21, 2017 at 09:20 AM · nam probe

Is non-empty-output of 'ssldecr keys' a definite check for making sure the keys are loaded?

Based on my discussion with other partner who are also using dcrum, seems like sometimes even if 'ssldecr keys' returned empty, the key are somehow still loaded (verified by the population of HTTPS software service data in dashboard)

IF that's true, that would means this command is useless isn't it? Compare with 'show ssldecr keys' back then in classical AMD.

Comment

People who like this

0 Show 0
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

1 Reply

  • Sort: 
  • Most voted
  • Newest
  • Oldest
avatar image

Answer by John L. · Jan 29, 2018 at 05:01 PM

Just seeing an HTTPS software service in the dashboard does necessarily mean the key is loaded. If operations are seen, it could mean that HTTPS sessions are being reported. (Operations: handshakes/data exchange; Tasks: keys used; Modules: Ciphers used; Services: SSL version)

Verifying the key is used would mean sessions are decrypted and operations are reported in the operations list. Look for actual HTTP-type operations (https://domain/path/URL) showing up in the operations list. If http operations are reported, that would mean the key is loaded and used for decryption.

I've always been able to trust 'ssldecr keys' command in the console.

Comment

People who like this

0 Show 0 · Share
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

How to get started

First steps in the forum
Read Community User Guide
Best practices of using forum

NAM 2019 SP5 is available


Check the RHEL support added in the latest NAM service pack.

Learn more

LIVE WEBINAR

"Performance Clinic - Monitoring as a Self Service with Dynatrace"


JANUARY 15, 3:00 PM GMT / 10:00 AM ET

Register here

Follow this Question

Answers Answers and Comments

22 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

Key is showing reading failed.

What are Your Reasons for Decrypting SSL Traffic?

"Session not seen from the beginning" count is very high.

Why is DC RUM showing used ciphers in hex instead of text?

Issue with SSL and TomEE Servers

Forum Tags

esm siebel Dynatrace Managed license nam probe wan citrix dna rest api configuration mq alerting NAM 2018 dashboard dcrumadvisory reports css nam universal decode database mobileapp RUM ads sap nam console scripting nam server sequence transactions nam 2019 upgrade
  • Forums
  • Public Forums
    • Community Connect
    • Dynatrace
      • Dynatrace Open Q&A
    • Application Monitoring & UEM
      • AppMon & UEM Open Q&A
    • Network Application Monitoring
      • NAM Open Q&A