20 Sep 2018 03:49 PM
Is it possible to automatically update the certificate / privatekey etc on the cluster nodes and active gate in Dynatrace Managed?
Solved! Go to Solution.
20 Sep 2018 06:15 PM
Hello Tarjei,
You can have Dynatrace automatically manage this for you or you could disable that option and use your own self-signed certificates.
Install your own certificates: https://www.dynatrace.com/support/help/deploy-dynatrace/managed/installation/install-your-own-ssl-certificate/
Allow Dynatrace to manage them: Settings > Preferences in the Cluster Management Console and enable the Manage domain name and SSL certificates option.
Thanks,
David Nicholls
21 Sep 2018 08:21 AM
Hi David, thank you for chiming in.
So since Dynatrace is using Letsencrypt, and I am going to use letsencrypt the probability of there beeing somewhere to change the setting for that is high, meaning that I could leverage Dyantrace's built in Letsencrypt certificate updater.
However, that not being documented at the moment I have tried the Install your own certificate steps as described on your link. I have not been able to perform the openssl command in any flavour of linux I have tried it on, openssl doesnt recognize the parameters. And also, I don't see it mentioning anywhere about how to upgrade the ActiveGates.
Any ideas?
21 Sep 2018 04:41 PM
Hello Tarjei,
Please double check that double check that your commands were correct. As you can see from this example, the openssl line should work.
https://support.citrix.com/article/CTX122930
Thanks,
David Nicholls
24 Sep 2018 08:55 AM
Hi,
I am talking about this line:
openssl pkcs8 -export -out <dynatrace-keystore.pkcs8> -name dynatraceserver -password pass:dynatrace -in <server_certificate.cer> -certfile <root-and-intermediate-certificates.cer> -inkey <private-key-for-certificates.pem>
Which I am not able to see anywhere in that citrix article.