cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Looking to upgrade from Dynatrace Managed to SaaS? See how

How to change the port for Dynatrace Managed

Can I change the default port for Dynatrace Managed (Web UI 443) to another port?

7 REPLIES 7

Babar_Qayyum
DynaMight Guru
DynaMight Guru

Hello @dynatrace A.

I guess it can be possible only if we use our own trusted SSL certificate, but someone else in the community can correct this understanding.

https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/installation/instal...

Regards,

Babar

Radoslaw_Szulgo
Inactive

Theoretically, it is possible by modifying a rule in iptables that redirects traffic from 443 to 8022 (NGINX). However, such a modification is not supported as many places in communication will refer to :443 port hardcoded.

What you may want to do instead, is to set up a load balancer exposed on a custom port and keep Dynatrace Managed hidden behind.

Senior Product Manager,
Dynatrace Managed expert

Hello @Radoslaw S.

We have the suggested setup referred to in your comments, but the only difference that we are using port 443 (because the cluster node is listening on port 443).

I just wanted to know where/how to use the custom port.

https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/configuration/which...

Regards,

Babar

Hi Babar,

as you see:

443 is Routed to local port 8022 using an iptables' prerouting rule. This port must remain open. All Dynatrace communication to the cluster is handled over secure socket HTTPS communication (port 443) with strong cryptography to guarantee your data privacy.


So Dynatrace Managed nodes does not actually listen on 443. You could either have your LB redirect to :443 port or :8022 (NGINX) - in these cases you don't need to care about cookies/session-stickiness as NGINX handle that. Or you can redirect to :8021 (server) - in that case you need to care of session-stickiness.

There's also an option you disable firewall service (clear iptable rules) and manage it by your own to set it up.

Senior Product Manager,
Dynatrace Managed expert

Hello @Radoslaw S.

Now I understood the idea that there is an already prerouting configured rule from 443 to 8022, so for the LB SSL certificate, we can use the 8022 instead of the 443.

Is my understanding correct?

Regards,

Babar

yes, you should be able to

Senior Product Manager,
Dynatrace Managed expert

Hello @Radoslaw S.

Thank you for the endorsement.

@dynatrace A.

Now you can implement the same solution to achieve your objectives.

https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/configuration/which...

Regards,

Babar

Featured Posts