FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SSL certificates for Integration

Go to solution
mrc15816
Advisor

‎12 Feb 2020 10:05 PM

Hello, we are a Dynatrace managed customer and we are trying to better understand how the DT works in the integration space ex. Webhooks

We have our self-signed certs - enterprise level (sorry if I am not using the right terminology) loaded on the DT cluster, but when we try to establish communication with Webhooks system. We see an error in the server.0.0.log

"exception=SSLHandshakeException: sun.security.validator.ValidatorExpception:PKIX path building failed:.. sun.security.provider.certpath.SunCertPathBuilderException : unable to find valid certification path to requested target ..."

Webhook system has the proper enterprise level cert loaded and we believe it is on the DT side that the trust is not working to verify the cert presented by the Webhook system.

If you have run into similar issue what was your resolution and can you please share with us? We got some suggestions but our admin is not happy is messing with JRE\cacerts as these will be overwritten with new updates.

Thank you in advance!

Labels:
0 Kudos
Reply
3 REPLIES 3

Go to solution
skrystosik
DynaMight Guru
DynaMight Guru

‎12 Feb 2020 11:22 PM

Only idea I have is because root cert on managed cluster

https://www.dynatrace.com/support/help/shortlink/managed-ssl#before-you-begin

For ActiveGate that is executing plugins that are asking https web services we had to provide root cert. without that it does not work properly. But there we had opposite situation, dynatrace cluster has default letr’s encrypt cert and called service had cert generated by organisation.

Sebastian

Regards, Sebastian
Reply

Go to solution
mrc15816
Advisor
In response to skrystosik

‎13 Feb 2020 04:12 PM

Thank you Sebastian! We have already uploaded our internal certs and the UI works like expected, but the SSL fails when we initiate a Webhooks session and our understanding was Dynatrace maintains another keystore/truststore. We were given 5 different locations and one of them is JRE and our admin has concerns about this directory.

0 Kudos
Reply

Go to solution
mrc15816
Advisor

‎28 Feb 2020 01:13 AM

The support has provided us a solution by uploading our chain certs to the store under server/conf - we were able to validate and confirm it is working as expected .

0 Kudos
Reply
Ask a question

Featured Posts