On installation of Linux OneAgent, we are asked to verify signature like this:
Once we have installed OneAgent with this certificate, I think we don't have to update the certificate for a while, but are there any plans to update the SSL certificate of OneAgent at some future time?
If you have those plans, please let me know how often and when you update it.
Solved! Go to Solution.
I believe that command to verify the signature is just best practice to ensure there were no issues with the installer and that is in the true installer from Dynatrace that was obtained, it is not mandatory per se. The Security Gateways and Cluster nodes are what have the certificates - the OneAgent itself does not have or need any certificate.
I believe OneAgents handle all of that without manual intervention. Accessing the UI via a browser and a few other scenarios are when a valid SSL certificate becomes important. Note that if you let Dynatrace manage the certificates I believe it automatically updates the certificates via Let's Encrypt over time so this wouldn't be a concern at all.
I haven't dealt with that extensively yet, I'll update if I come across anything. I imagine since the traffic is all sent HTTPS it definitely needs a valid cert to be secure but dunno about the details of managing that manually. Like nginx might be able to share the cert with the server or something like that.
Thanks for your answers.
I'm getting to understand.
When we download installers, we can optionally download the signature.
It is used for the installation of OneAgent, and it has nothing to do with the connection between installed OneAgent/Private Security Gateway and SaaS Cluster,so we don't have to worry, right?
Hi @Adam G.,
Yes, as you said, step 1& 3 are mandatory and step 2 is optional.
I didn't seem to understand that well.
The signature is mandantory, so that means it is not used for connection between OneAgent which has been installed and the Dynatrace SaaS Cluster.
I'm sorry for my lack of understanding.
I understand what you said.
I appreciate your kind cooperation!