FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Looking to upgrade from Dynatrace Managed to SaaS? See how

How to change the port for Dynatrace Managed

Go to solution
AskMe-Solutions
Helper

‎12 Jan 2021 04:39 AM - last edited on ‎13 Jun 2023 09:57 AM by Community Team

Can I change the default port for Dynatrace Managed (Web UI 443) to another port?

0 Kudos
Reply
7 REPLIES 7

Go to solution
Babar_Qayyum
DynaMight Guru
DynaMight Guru

‎12 Jan 2021 05:58 AM

Hello @dynatrace A.

I guess it can be possible only if we use our own trusted SSL certificate, but someone else in the community can correct this understanding.

https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/installation/instal...

Regards,

Babar

0 Kudos
Reply

Go to solution
Radoslaw_Szulgo
Dynatrace Guru
Dynatrace Guru

‎12 Jan 2021 07:18 AM

Theoretically, it is possible by modifying a rule in iptables that redirects traffic from 443 to 8022 (NGINX). However, such a modification is not supported as many places in communication will refer to :443 port hardcoded.

What you may want to do instead, is to set up a load balancer exposed on a custom port and keep Dynatrace Managed hidden behind.

Senior Product Manager,
Dynatrace Managed expert
Reply

Go to solution
Babar_Qayyum
DynaMight Guru
DynaMight Guru
In response to Radoslaw_Szulgo

‎12 Jan 2021 08:58 AM

Hello @Radoslaw S.

We have the suggested setup referred to in your comments, but the only difference that we are using port 443 (because the cluster node is listening on port 443).

I just wanted to know where/how to use the custom port.

https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/configuration/which...

Regards,

Babar

0 Kudos
Reply

Go to solution
Radoslaw_Szulgo
Dynatrace Guru
Dynatrace Guru
In response to Babar_Qayyum

‎12 Jan 2021 09:11 AM

Hi Babar,

as you see:

443 is Routed to local port 8022 using an iptables' prerouting rule. This port must remain open. All Dynatrace communication to the cluster is handled over secure socket HTTPS communication (port 443) with strong cryptography to guarantee your data privacy.


So Dynatrace Managed nodes does not actually listen on 443. You could either have your LB redirect to :443 port or :8022 (NGINX) - in these cases you don't need to care about cookies/session-stickiness as NGINX handle that. Or you can redirect to :8021 (server) - in that case you need to care of session-stickiness.

There's also an option you disable firewall service (clear iptable rules) and manage it by your own to set it up.

Senior Product Manager,
Dynatrace Managed expert
0 Kudos
Reply

Go to solution
Babar_Qayyum
DynaMight Guru
DynaMight Guru
In response to Radoslaw_Szulgo

‎12 Jan 2021 09:29 AM

Hello @Radoslaw S.

Now I understood the idea that there is an already prerouting configured rule from 443 to 8022, so for the LB SSL certificate, we can use the 8022 instead of the 443.

Is my understanding correct?

Regards,

Babar

0 Kudos
Reply

Go to solution
Radoslaw_Szulgo
Dynatrace Guru
Dynatrace Guru
In response to Babar_Qayyum

‎12 Jan 2021 09:32 AM

yes, you should be able to

Senior Product Manager,
Dynatrace Managed expert
0 Kudos
Reply

Go to solution
Babar_Qayyum
DynaMight Guru
DynaMight Guru
In response to Radoslaw_Szulgo

‎12 Jan 2021 09:39 AM

Hello @Radoslaw S.

Thank you for the endorsement.

@dynatrace A.

Now you can implement the same solution to achieve your objectives.

https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/configuration/which...

Regards,

Babar

0 Kudos
Reply
Ask a question

Featured Posts