question

Jason J. avatar image
Jason J. asked ·

Dynatrace Managed certificate failure

Hi

I have deployed DynaTrace Managed and all goes well on install, however when launching the URL I see the following event.

SecurityException: Cannot register cluster with OPC: OPCFailedRequestException: request failed - SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target - https://opcsvc.ruxit.com/rest/public/v3.0/registr...

I have checked with our firewall team and they are stating it is an issue with the Root CA.

I don't have much coverage with linux but has anyone seen this issue before.

Thanks in advance

Jason

Dynatrace Managedinstallationmission control
1 comment
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Are you connecting to MC through a proxy?

1 Like 1 · ·
Radoslaw S. avatar image
Radoslaw S. answered ·

Seems your proxy/firewall does not allow you to connect to https://mcsvc.dynatrace.com

nor as a fall back to https://opcsvc.ruxit.com


I bet your proxy/firewall server has self-signed (or non CA-signed) certificate. In that case you need to add that certificate to dynatrace truststore. See

https://www.dynatrace.com/support/help/installatio...

for details.

2 comments Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Hi Radoslaw,

I am facing same issue.

But During installation proxy worked I got connected message in putty

But for mission control connection it's showing this error.

Is it sufficient to whitelist https://mcsvc.dynatrace.com. URL??

Please suggest.

1 Like 1 · ·

Yes, as documentation states - mcsvc.dynatrace.com is sufficient to whitelist. But if you have a proxy with a self-signed certificate you need to import that certificate into the keystore. This help page might help:


https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/configuration/how-to-add-a-certificate-to-server-trust-store

1 Like 1 · ·
Julius L. avatar image
Julius L. answered ·

It seems to me that your company is doing man-in-the-middle inspection for SSL/TLS traffic. If this is the case, adding the local company CA certificate to the server truststore will help, just as @Radoslaw S. suggests.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Radoslaw S. avatar image
Radoslaw S. answered ·

I'm investigating that. I'll keep you updated.

Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Space Topics

mobile monitoring dotnet synthetic monitoring reports iis chat kubernetes servicenow amazon web services mysql mainframe rest api errors cassandra dashboard oneagent sdk cmc application monitoring openkit smartscape request attributes monitoring developer community user tagging log monitoring services ufo syntheticadvisory activegate ip addresses auto-detection high five award oracle hyperion webserver uem usql iib test automation license web performance monitoring ios news migration management zones index ibm mq web services custom event alerts notifications sso host monitoring knowledge sharing reports browser monitors java hybris sap vmware maintenance window user action naming javascript appmon ai synthetic classic availability tipstricks automation extensions diagnostic tools session replay permissions davis assistant faq documentation problem detection http monitors server easytravel apdex aws-quickstart network docker tags and metadata cloud foundry google cloud platform synthetic monitoring process groups account usability dynatrace saas gui paas openshift key user actions administration user actions postgresql synthetic locations oneagent security Dynatrace Managed user management custom python technologies mongodb openstack user session monitoring continuous delivery citrix configuration alerting NGINX action naming linux nam installation masking error reporting database mission control jmeter recorder apache mobileapp RUM php threshold azure purepath davis scripting agent aix nodejs android