https://community.dynatrace.com/t5/Troubleshooting/ActiveGate-Managed-VA-scan-shows-vulnerable-cipher-or/ta-p/239631 <H2>Self Service Summary</H2> <P>&nbsp;</P> <P>Security team or scan/vulnerability assessment is reporting that a Dynatrace component is using vulnerable ciphers (an insecure certificate) and affected ciphers should be disabled.</P> <P>&nbsp;</P> <TABLE width="750px"> <THEAD> <TR> <TH width="96.8924px" height="19px">Issue</TH> <TH width="96.9445px" height="19px">Solution</TH> <TH width="217.656px" height="19px">Tasks</TH> <TH width="337.396px" height="19px">Alternative(s)</TH> </TR> </THEAD> <TBODY> <TR> <TD width="96.8924px" height="152px">Insecure&nbsp; or deprecated ciphers reported</TD> <TD width="96.9445px" height="152px">Disable ciphers, define supported ciphers</TD> <TD width="217.656px" height="152px">Follow below linked documentation for the affected Dynatrace component</TD> <TD width="337.396px" height="152px"> <UL> <LI>Open a chat for configuration assistance</LI> <LI>Open a <A href="https://one.dynatrace.com/hc/en-us/requests/new?securityrequest=true" target="_blank" rel="noopener">support ticket</A> for problems or <A href="https://community.dynatrace.com/t5/Troubleshooting/Report-a-security-vulnerability/ta-p/195675" target="_blank" rel="noopener">vulnerability inquires</A> related to certificates managed by Dynatrace</LI> </UL> </TD> </TR> </TBODY> </TABLE> <P>&nbsp;</P> <P><SPAN>You can configure supported ciphers/certificates, by following the following documentations:</SPAN></P> <UL dir="auto"> <LI>Managed: <UL> <LI><A href="https://docs.dynatrace.com/managed/managed-cluster/installation/customize-installation-for-dynatrace-managed#ssl-certificates-parameters" target="_blank" rel="noopener noreferrer">Managed via SSL certificate parameters</A></LI> <LI><A href="https://docs.dynatrace.com/managed/managed-cluster/installation/install-your-own-ssl-certificate" target="_self">Managed via deployment status page</A>&nbsp;</LI> </UL> </LI> <LI>ActiveGate: <UL> <LI><A href="https://docs.dynatrace.com/managed/setup-and-configuration/dynatrace-activegate/configuration/how-to-configure-ciphers-on-activegate" target="_blank" rel="noopener noreferrer">Cluster ActiveGate via&nbsp;<SPAN>custom.properties</SPAN>&nbsp;file</A></LI> <LI><A href="https://docs.dynatrace.com/docs/shortlink/activegate-ciphers" target="_blank" rel="noopener noreferrer">Others ActiveGates via custom.properties file</A></LI> </UL> </LI> </UL> Tue, 24 Jun 2025 07:40:05 GMT stefanie_pachne 2025-06-24T07:40:05Z https://community.dynatrace.com/t5/Troubleshooting/ActiveGate-Managed-VA-scan-shows-vulnerable-cipher-or/ta-p/239631 <H2>Self Service Summary</H2> <P>&nbsp;</P> <P>Security team or scan/vulnerability assessment is reporting that a Dynatrace component is using vulnerable ciphers (an insecure certificate) and affected ciphers should be disabled.</P> <P>&nbsp;</P> <TABLE width="750px"> <THEAD> <TR> <TH width="96.8924px" height="19px">Issue</TH> <TH width="96.9445px" height="19px">Solution</TH> <TH width="217.656px" height="19px">Tasks</TH> <TH width="337.396px" height="19px">Alternative(s)</TH> </TR> </THEAD> <TBODY> <TR> <TD width="96.8924px" height="152px">Insecure&nbsp; or deprecated ciphers reported</TD> <TD width="96.9445px" height="152px">Disable ciphers, define supported ciphers</TD> <TD width="217.656px" height="152px">Follow below linked documentation for the affected Dynatrace component</TD> <TD width="337.396px" height="152px"> <UL> <LI>Open a chat for configuration assistance</LI> <LI>Open a <A href="https://one.dynatrace.com/hc/en-us/requests/new?securityrequest=true" target="_blank" rel="noopener">support ticket</A> for problems or <A href="https://community.dynatrace.com/t5/Troubleshooting/Report-a-security-vulnerability/ta-p/195675" target="_blank" rel="noopener">vulnerability inquires</A> related to certificates managed by Dynatrace</LI> </UL> </TD> </TR> </TBODY> </TABLE> <P>&nbsp;</P> <P><SPAN>You can configure supported ciphers/certificates, by following the following documentations:</SPAN></P> <UL dir="auto"> <LI>Managed: <UL> <LI><A href="https://docs.dynatrace.com/managed/managed-cluster/installation/customize-installation-for-dynatrace-managed#ssl-certificates-parameters" target="_blank" rel="noopener noreferrer">Managed via SSL certificate parameters</A></LI> <LI><A href="https://docs.dynatrace.com/managed/managed-cluster/installation/install-your-own-ssl-certificate" target="_self">Managed via deployment status page</A>&nbsp;</LI> </UL> </LI> <LI>ActiveGate: <UL> <LI><A href="https://docs.dynatrace.com/managed/setup-and-configuration/dynatrace-activegate/configuration/how-to-configure-ciphers-on-activegate" target="_blank" rel="noopener noreferrer">Cluster ActiveGate via&nbsp;<SPAN>custom.properties</SPAN>&nbsp;file</A></LI> <LI><A href="https://docs.dynatrace.com/docs/shortlink/activegate-ciphers" target="_blank" rel="noopener noreferrer">Others ActiveGates via custom.properties file</A></LI> </UL> </LI> </UL> Tue, 24 Jun 2025 07:40:05 GMT https://community.dynatrace.com/t5/Troubleshooting/ActiveGate-Managed-VA-scan-shows-vulnerable-cipher-or/ta-p/239631 stefanie_pachne 2025-06-24T07:40:05Z