https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121734#M13771 <P>Hi,</P><P>We are frequently getting below question from our network team,Please provide configurations/screenshots showing encryption in transit is enabled over port 9999.</P><P>I didn't find any relevant documentation to provide them reference.</P> Fri, 12 Feb 2021 15:22:35 GMT tarun_kumar_aga 2021-02-12T15:22:35Z https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121734#M13771 <P>Hi,</P><P>We are frequently getting below question from our network team,Please provide configurations/screenshots showing encryption in transit is enabled over port 9999.</P><P>I didn't find any relevant documentation to provide them reference.</P> Fri, 12 Feb 2021 15:22:35 GMT https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121734#M13771 tarun_kumar_aga 2021-02-12T15:22:35Z https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121735#M13772 <P>Unless you reconfigured the ActiveGate manually, there is https communication with TLS1.2 between ActiveGate and OneAgents.</P> Fri, 12 Feb 2021 15:28:58 GMT https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121735#M13772 Julius_Loman 2021-02-12T15:28:58Z https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121736#M13773 <P><A rel="user" href="https://answers.dynatrace.com/users/16467/view.html" nodeid="16467">@Július L.</A></P><P>They are asking for some sort of reference documentation.i didn't find any.</P><P>Is there any way i can show them proof.</P><P>Thanks,</P><P>Tarun</P> Fri, 12 Feb 2021 15:36:35 GMT https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121736#M13773 tarun_kumar_aga 2021-02-12T15:36:35Z https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121737#M13774 <P>Look here, focus on ssl-protocols:<BR /><A rel="noopener noreferrer" href="https://www.dynatrace.com/support/help/shortlink/sgw-configure#section-comcompuwareapmwebserver-" target="_blank">https://www.dynatrace.com/support/help/shortlink/sgw-configure#section-comcompuwareapmwebserver-</A></P> Fri, 12 Feb 2021 15:45:43 GMT https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121737#M13774 Julius_Loman 2021-02-12T15:45:43Z https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121738#M13775 <P>also here:</P><P><A rel="noopener noreferrer" href="https://www.dynatrace.com/support/help/shortlink/sgw-types#route-oneagent-traffic-to-dynatrace-monitor-cloud-environments-or-monitor-remote-technologies-with-extensions-" target="_blank">https://www.dynatrace.com/support/help/shortlink/sgw-types#route-oneagent-traffic-to-dynatrace-monitor-cloud-environments-or-monitor-remote-technologies-with-extensions-</A></P><BLOCKQUOTE><STRONG>Authentication</STRONG><BR />ActiveGate authenticates OneAgent requests (SSL handshake and environment ID authentication).</BLOCKQUOTE><P>And here:</P><P><A rel="noopener noreferrer" href="https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-activegate/configuration/configure-custom-ssl-certificate-on-activegate/" target="_blank">https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-activegate/configuration/configure-custom-ssl-certificate-on-activegate/</A></P><BLOCKQUOTE>Communication between OneAgents and ActiveGate takes place over an encrypted HTTPS channel. ActiveGate provides an authentication certificate to all connecting clients. While OneAgent instances may ignore the validity of ActiveGate certificates (depending on configuration), connections from browser clients (such as the <A href="https://www.dynatrace.com/support/help/how-to-use-dynatrace/real-user-monitoring/setup-and-configuration/web-applications/initial-configuration/rum-injection/">RUM JavaScript tag</A>) do verify that the hostname listed in the certificate is correct, before they send data.</BLOCKQUOTE> Fri, 12 Feb 2021 16:58:08 GMT https://community.dynatrace.com/t5/Open-Q-A/How-encryption-in-transit-is-enabled-over-port-9999-from-one/m-p/121738#M13775 Radoslaw_Szulgo 2021-02-12T16:58:08Z