cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Adding own certificate to Cluster Nodes and Active Gate

tarjei
Organizer

Is it possible to automatically update the certificate / privatekey etc on the cluster nodes and active gate in Dynatrace Managed?


4 REPLIES 4

david_n
Inactive

Hello Tarjei,

You can have Dynatrace automatically manage this for you or you could disable that option and use your own self-signed certificates.

Install your own certificates: https://www.dynatrace.com/support/help/deploy-dynatrace/managed/installation/install-your-own-ssl-certificate/

Allow Dynatrace to manage them: Settings > Preferences in the Cluster Management Console and enable the Manage domain name and SSL certificates option.

Thanks,

David Nicholls


tarjei
Organizer

Hi David, thank you for chiming in.

So since Dynatrace is using Letsencrypt, and I am going to use letsencrypt the probability of there beeing somewhere to change the setting for that is high, meaning that I could leverage Dyantrace's built in Letsencrypt certificate updater.

However, that not being documented at the moment I have tried the Install your own certificate steps as described on your link. I have not been able to perform the openssl command in any flavour of linux I have tried it on, openssl doesnt recognize the parameters. And also, I don't see it mentioning anywhere about how to upgrade the ActiveGates.

Any ideas?


Hello Tarjei,

Please double check that double check that your commands were correct. As you can see from this example, the openssl line should work.

https://support.citrix.com/article/CTX122930

Thanks,

David Nicholls


tarjei
Organizer

Hi,

I am talking about this line:

openssl pkcs8 -export -out <dynatrace-keystore.pkcs8> -name dynatraceserver -password pass:dynatrace -in <server_certificate.cer> -certfile <root-and-intermediate-certificates.cer> -inkey <private-key-for-certificates.pem>

Which I am not able to see anywhere in that citrix article.