Data Center RUM Documentation

Skip to end of metadata
Go to start of metadata

 Releases 12.4.10 and earlier

Configuring an stunnel

For releases 12.4.10 and earlier, you can add an stunnel to provide a secure and encrypted connection to the AMD.

To configure an stunnel on your AMD, you must modify the stunnel.config file. Because the stunnel.config file is automatically recreated after each rtmgate service restart, modify the /usr/adlex/rtm/bin/rtmhttp script.

Icon

Add all script modifications after the printf(STUNNEL_CNF "debug = 4\n"); line.

  1. To select permitted SSL ciphers, append the following line:

  2. To disable SSLv2 and/or SSLv3, append the following lines:

  3. To apply your changes, restart the rtmgate service.

Enable or disable non secure data transfer

By default, communication with the AMD over HTTPS is enabled. To disable it, use the rtminst command.

  1. Execute the rtminst command from the operating system prompt to start the rtminst setup program.

  2. From the rtminst menu, select [3] to access the AMD setup.

  3. Enable or disable HTTPS communication between the AMD and the report server.

    To disable the HTTPS and allow for the HTTP communication, set the port number to [0]

    Using this setup procedure you can also change the factory defined HTTPS port number. While the default HTTPS port is set to 443, you can change it according to your needs.

    1. From the AMD Setup menu, select [2].

    2. Select [e] to edit the HTTPS port value.

    3. When prompted, enter a port number for HTTPS communication and then press [Enter] to accept your settings.

    4. Press [A] to apply the new value.

    Figure 1. Configuring HTTPS Communication Between AMD and Report Server

  4. Press [X] to exit the current screen and validate your changes.

Configuring OpenSSH

To configure the OpenSSH on your AMD, you must modify the sshd_config file located in /etc/ssh folder. This configuration file contains keyword-argument pairs.

Icon

Lines starting with a hash are considered comments.

  1. Disable X11 forwarding by changing the X11 Forwarding setting from yes to no .

  2. Update ciphers by appending the following line to the configuration file:

  3. Update MACs by appending the following line to the configuration file:

  4. (optional) You can enable Protocol version 2 by uncommenting the #Protocol 2 line:

  5. To apply your changes, restart the sshd service:

Enable or disable non secure data transfer

To enable or disable the non secure data transfer vie the HTTP (port 9091), use the rtminst command.

  1. Execute the rtminst command from the operating system prompt to start the rtminst setup program.

  2. From the rtminst menu, select the AMD setup.

  3. Enable or disable HTTPS communication between the AMD and the report server.
    To enable the HTTP communication, select Enabling non-secure data transfer over HTTP then,
    Enable non-secure data transfer.


    To disable the HTTP communication, select Enabling non-secure data transfer over HTTP then,
    Disable non-secure data transfer.

  4. Press [X] to exit the current screen and validate your changes.

  • No labels