Hi All,
I am trying to spin up Dockerzied version of Appmon and seeing errors related to SSL certificates :
SEVERE [ImportCertificateStrategy] client did not accepted ssl client certificates. will not establish trust for [collector_client]: NotAfter: Thu Mar 07 10:37:35 GMT 2019
My question is is there a way to wipe off the SSL certificates or spin up the appmon docker contaienrs in on SSL mode and let client conncect to the server?
Answer by Sebastian K. ·
You can wipe them only when you will run it first. There is wizard for that. I've mentioned it in previous post related to the same question. You will not be able to run it as long you will not ovveride settings for frontend and backend servers to allow non SSL connections (as well collector). Frontend has to access nonssl connection from client. Then you will have to use proper ports to make it work.
Sebastian
@Sebastian K. i am not user what else need to be done when i have already modified the SSL port to non SSL. Here is an example of .env file which is inside the Dynatrace-Collector folder :-
DT_SERVER_LICENSE_KEY_FILE_URL=
COMPOSE_PROJECT_NAME=dynatracedocker
DT_HOME=/opt/dynatrace
DT_COLLECTOR_LOG_PATH_ON_HOST=/tmp/log/dynatrace/collectors/dtcollector
DT_COLLECTOR_NAME=dtcollector
DT_COLLECTOR_GROUP_NAME=
DT_SERVER_NAME=dtserver
DT_COLLECTOR_SERVER=dtserver:6698
DT_AGENT_NAME=dtagent
APPMON_ONEAGENT_NONSSL_SERVER_PORT=8040
APPMON_ONEAGENT_SSL_SERVER_PORT=8041
APPMON_COLLECTOR_PORT=9998
APPMON_COLLECTOR_SERVER_SSL_PORT=6698
VERSION=7.0
BUILD_VERSION=7.0.0.2469
CUID=0
CGID=0
And here is an example of .env file which is inside Dynatrace-Server folder :-
#if your url doesn't end with license filename, you should adjust pull-license-key-file.sh script
DT_SERVER_LICENSE_KEY_FILE_URL=
COMPOSE_PROJECT_NAME=dynatracedocker
DT_HOME=/opt/dynatrace
DT_SERVER_LOG_PATH_ON_HOST=/tmp/log/dynatrace/servers/dtserver
DT_SERVER_NAME=dtserver
APPMON_WEB_CLIENT_NONSSL_PORT=8020
APPMON_WEB_CLIENT_SSL_PORT=8021
APPMON_ONEAGENT_NONSSL_SERVER_PORT=8040
APPMON_ONEAGENT_SSL_SERVER_PORT=8041
APPMON_CLIENT_NONSSL_PORT=2021
APPMON_CLIENT_SSL_PORT=8023
APPMON_COLLECTOR_PORT=9998
APPMON_COLLECTOR_SERVER_SSL_PORT=6698
VERSION=7.0
BUILD_VERSION=7.0.0.2469
CUID=0
CGID=0
Env variables is not enough, you have to change Front end server, server and collector config files to allow non ssl communication. Without this it will not work.
Sebastian
JANUARY 15, 3:00 PM GMT / 10:00 AM ET