cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

URL Monitor certificate error

moses_chacko
Organizer

Hi

I am trying to setup a URL monitor for an application that uses self signed certificates.

I am checking the "Accept untrusted certificates".

But upon execution I keep getting the below error. Wondering if anybody had a similar issue or any ideas on what I could try

Thanks

Moses

Appmon version 7.1

Connection failed: DynaTraceHttpClientException: Exception was thrown while executing a HTTP request
Caused by: SSLHandshakeException: Received fatal alert: handshake_failure
SSL handshake failed, this may be caused by a broken, incompatible or self signed certificate. Check the 'Accept untrusted certificates' option to accept self signed certificates.


2 REPLIES 2

JamesKitson
Dynatrace Leader
Dynatrace Leader

1 thing I've tried so far is un-disabling a bunch of algorithms and such in the collector java security config file in case there wasn't an algorithm or something like that they could agree on. Still want to try a few things in that area but no luck yet - I doubt it's just because the cert is self signed since we have that check box checked and that has always worked in the past.


JamesKitson
Dynatrace Leader
Dynatrace Leader

Looked at some of the details in wireshark and comparing to how it was working in the browser it looked like the server wanted to use a cipher suite the jre didn't have enabled out of the box.

Some searching lead me to this resolution which I just tested on my local collector and it runs fine now:

The JREs disable all 256-bit crypto by default. To enable you can download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files here: http://www.oracle.com/technetwork/java/javase/downloads/index.html

Replace the local_policy.jar and US_export_policy.jar jars files into your lib/security in jre directory.

James