cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

DISABLE or CLEAR SSL Certificates

amitkumar
Inactive

Hi All,

I am trying to spin up Dockerzied version of Appmon and seeing errors related to SSL certificates :

SEVERE [ImportCertificateStrategy] client did not accepted ssl client certificates. will not establish trust for [collector_client]: NotAfter: Thu Mar 07 10:37:35 GMT 2019


My question is is there a way to wipe off the SSL certificates or spin up the appmon docker contaienrs in on SSL mode and let client conncect to the server?


3 REPLIES 3

You can wipe them only when you will run it first. There is wizard for that. I've mentioned it in previous post related to the same question. You will not be able to run it as long you will not ovveride settings for frontend and backend servers to allow non SSL connections (as well collector). Frontend has to access nonssl connection from client. Then you will have to use proper ports to make it work.

Sebastian

@Sebastian K. i am not user what else need to be done when i have already modified the SSL port to non SSL. Here is an example of .env file which is inside the Dynatrace-Collector folder :-


DT_SERVER_LICENSE_KEY_FILE_URL=

COMPOSE_PROJECT_NAME=dynatracedocker

DT_HOME=/opt/dynatrace

DT_COLLECTOR_LOG_PATH_ON_HOST=/tmp/log/dynatrace/collectors/dtcollector

DT_COLLECTOR_NAME=dtcollector

DT_COLLECTOR_GROUP_NAME=

DT_SERVER_NAME=dtserver

DT_COLLECTOR_SERVER=dtserver:6698

DT_AGENT_NAME=dtagent

APPMON_ONEAGENT_NONSSL_SERVER_PORT=8040

APPMON_ONEAGENT_SSL_SERVER_PORT=8041

APPMON_COLLECTOR_PORT=9998

APPMON_COLLECTOR_SERVER_SSL_PORT=6698

VERSION=7.0

BUILD_VERSION=7.0.0.2469

CUID=0

CGID=0


And here is an example of .env file which is inside Dynatrace-Server folder :-


#if your url doesn't end with license filename, you should adjust pull-license-key-file.sh script

DT_SERVER_LICENSE_KEY_FILE_URL=

COMPOSE_PROJECT_NAME=dynatracedocker

DT_HOME=/opt/dynatrace

DT_SERVER_LOG_PATH_ON_HOST=/tmp/log/dynatrace/servers/dtserver

DT_SERVER_NAME=dtserver

APPMON_WEB_CLIENT_NONSSL_PORT=8020

APPMON_WEB_CLIENT_SSL_PORT=8021

APPMON_ONEAGENT_NONSSL_SERVER_PORT=8040

APPMON_ONEAGENT_SSL_SERVER_PORT=8041

APPMON_CLIENT_NONSSL_PORT=2021

APPMON_CLIENT_SSL_PORT=8023

APPMON_COLLECTOR_PORT=9998

APPMON_COLLECTOR_SERVER_SSL_PORT=6698

VERSION=7.0

BUILD_VERSION=7.0.0.2469

CUID=0

CGID=0



Env variables is not enough, you have to change Front end server, server and collector config files to allow non ssl communication. Without this it will not work.

Sebastian