cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

This product reached the end of support date on March 31, 2021.

Difference between analyzers: https and ssl?

Hello,

What is the difference between analyzers https and ssl? Also, there used to be an ssl decrypted under older versions of DCRUM. What happened? Did one these replace it?

This page from the 2017 documentation was of no help.

https://community.dynatrace.com/community/display/...

Thanks and God bless,
Genesius

6 REPLIES 6

Erik_Soderquist
Dynatrace Pro
Dynatrace Pro

The "SSL Decrypted" analyzer was 'replaced' by the "HTTPS" analyzer (with improved capabilities).

The "SSL" analyzer is a non-decrypting analyzer used when Diffie-Hellman ciphers are not avoidable or when the private key is not available to still provide insight into the SSL exchanges that are done in the clear, such as the handshake timing and errors

-- Erik

@Erik S.

Thank you. That is what I thought, but the documentation is sometimes either very vague, or difficult to find the answer.

Thanks and God bless,

Genesius

@Karolina L.

I received an email notifying me that you edited my original post; however, I did not see any changes.

Thanks and God bless,
Genesius

Hi Genesius,

I added the "documentation" tag to your question, so our doc team knows there is an area for improvement in the docs.

Best regards,

Karolina

Keep calm and build Community!

@Karolina L.

Thanks. I figured that out. 😉

God bless,
Genesius


@Jaroslaw O.


This is where the
documentation link was directed to in my original post. On Nov 6th, the version was changed from v.8 (my original posting) to v.9. Click her for the new documentation link.


Here is the difference between these two pages (at least from the perspective of my original question concerning HTTPS and SSL analyzers).


Original documentation (v.8)

SSL



  • Decrypts SSL 3.0/TLS 1.x traffic before it is analyzed by specific decodes.

  • Applies to Web (HTTPS), SOAP/XML, Citrix ICA, and Websphere MQ (MQS)

  • Provides secure SSL key handling with support for FIPS 140 level 2 and 3 -compliant HSMs from nCipher and Cavium



New documentation (v.9)

HTTPS



  • Decrypts SSL 3.0/TLS 1.x traffic before it is analyzed by specific decodes.

  • Applies to Web (HTTPS), SOAP/XML, Citrix ICA, and Websphere MQ (MQS)

  • Provides secure SSL key handling with support for FIPS 140 level 2 and 3 -compliant HSMs from nCipher and Cavium

SSL


Gives
you insight into the performance of the SSL exchanges without actually
decrypting the traffic. The analyzer provides the metrics of the SSL
handshake timing and errors. We recommend to use it when you're not able
to add your SSL keys to the AMD or use a cipher we're not capable od
decrypting, for example of the Diffie-Hellman based ciphers.

In the future, please post a comment with the new link it, and leave the old link unedited in the original user's post. If this wasn't my post and I read it I would never know that the documentation had been corrected. I would only review Erik's answer. Or, if I clicked the link, I would see that the information was indeed valid, and would not understand why the original poster stated it wasn't. This can lessen that forum user's credibility.

FYI @Karolina L.

Thanks and God bless,
Genesius