• Forums
    • Public Forums
      • Community Connect
      • Dynatrace
        • Dynatrace Open Q&A
      • Application Monitoring & UEM
        • AppMon & UEM Open Q&A
      • Network Application Monitoring
        • NAM Open Q&A
  • Home /
  • Public Forums /
  • Dynatrace /
  • Dynatrace Open Q&A /
This question was closed Feb 28, 2020 at 01:14 AM by Venkata C. for the following reason: The question is answered, right answer was accepted
avatar image
Question by Venkata C. · Feb 12, 2020 at 10:05 PM · administration

SSL certificates for Integration

Hello, we are a Dynatrace managed customer and we are trying to better understand how the DT works in the integration space ex. Webhooks

We have our self-signed certs - enterprise level (sorry if I am not using the right terminology) loaded on the DT cluster, but when we try to establish communication with Webhooks system. We see an error in the server.0.0.log

"exception=SSLHandshakeException: sun.security.validator.ValidatorExpception:PKIX path building failed:.. sun.security.provider.certpath.SunCertPathBuilderException : unable to find valid certification path to requested target ..."

Webhook system has the proper enterprise level cert loaded and we believe it is on the DT side that the trust is not working to verify the cert presented by the Webhook system.

If you have run into similar issue what was your resolution and can you please share with us? We got some suggestions but our admin is not happy is messing with JRE\cacerts as these will be overwritten with new updates.

Thank you in advance!

Comment

People who like this

0 Show 0
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

2 Replies

  • Sort: 
  • Most voted
  • Newest
  • Oldest
avatar image
Best Answer

Answer by Sebastian K. · Feb 12, 2020 at 11:22 PM

Only idea I have is because root cert on managed cluster

https://www.dynatrace.com/support/help/shortlink/managed-ssl#before-you-begin

For ActiveGate that is executing plugins that are asking https web services we had to provide root cert. without that it does not work properly. But there we had opposite situation, dynatrace cluster has default letr’s encrypt cert and called service had cert generated by organisation.

Sebastian

Comment
franck g.

People who like this

1 Show 1 · Share
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

avatar image Venkata C. · Feb 13, 2020 at 04:12 PM 0
Share

Thank you Sebastian! We have already uploaded our internal certs and the UI works like expected, but the SSL fails when we initiate a Webhooks session and our understanding was Dynatrace maintains another keystore/truststore. We were given 5 different locations and one of them is JRE and our admin has concerns about this directory.

avatar image
Best Answer

Answer by Venkata C. · Feb 28, 2020 at 01:13 AM

The support has provided us a solution by uploading our chain certs to the store under server/conf - we were able to validate and confirm it is working as expected .

Comment

People who like this

0 Show 0 · Share
10 |2000000 characters needed characters left characters exceeded
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

How to get started

First steps in the forum
Read Community User Guide
Best practices of using forum

NAM 2019 SP5 is available


Check the RHEL support added in the latest NAM service pack.

Learn more

LIVE WEBINAR

"Performance Clinic - Monitoring as a Self Service with Dynatrace"


JANUARY 15, 3:00 PM GMT / 10:00 AM ET

Register here

Follow this Question

Answers Answers and Comments

28 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

IP address mapping rules Overlapping and Failed Issues

When would the Watchdoguserconfig.conf apearred?

What does all the different storage/retention means?

Easy way to disable the Automatically inject real user monitoring

Looks like portal.dynatrace.com is down. Any ETA on resolution?

Forum Tags

mobile monitoring dotnet iis chat kubernetes servicenow amazon web services feedback mysql mainframe application rules rest api cassandra dashboard oneagent sdk cmc application monitoring openkit smartscape request attributes monitoring developer community user tagging log monitoring services ufo activegate auto-detection high five award uem webserver usql iib test automation license ios news migration management zones ibm mq web services notifications sso host monitoring knowledge sharing reports browser monitors java hybris sap vmware maintenance window user action naming javascript appmon ai availability tipstricks automation extensions diagnostic tools session replay permissions search davis assistant auto-update faq documentation problem detection http monitors easytravel apdex network docker tags and metadata cloud foundry google cloud platform synthetic monitoring process groups account usability dynatrace saas gui paas openshift key user actions administration production user actions postgresql synthetic locations upgrade oneagent security Dynatrace Managed user management python technologies mongodb openstack user session monitoring continuous delivery citrix configuration alerting performance monitoring NGINX action naming linux nam installation error reporting database mission control apache mobileapp RUM php azure purepath davis scripting aix nodejs android
  • Forums
  • Public Forums
    • Community Connect
    • Dynatrace
      • Dynatrace Open Q&A
    • Application Monitoring & UEM
      • AppMon & UEM Open Q&A
    • Network Application Monitoring
      • NAM Open Q&A