FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SaaS and Managed Synth HTTP Monitor fails on obsolete security - SSL communication error

Go to solution
imoskovko1
Inactive

‎14 Jan 2019 12:53 AM

Hello

Can one suggest regarding SaaS & Manager HTTP synthetic monitor

In our test env to use RUM/NAM traffic analysis we had to downgrade MS IIS security settings to

Connection - obsolete connection settings

The connection to this site uses TLS 1.2 (a strong protocol), RSA (an obsolete key exchange), and AES_256_GCM (a strong cipher).

In other words, we disabled all Diffie-Hellman key-echange as it was discussed at https://answers.dynatrace.com/spaces/160/open-q-a_...

But now Saas and Managed HTTP Synthetic monitor fails on obsolete security connection settings https protocol 😞 - with "SSL communication error".

How to ask HTTP Synthetic monitor to accept MS IIS obsolated security settings-

HTTP v1.1 + TLS v1.2 with all DH disabled (TLS 1.2 RSA AES_256_GCM) ?

Regards,

Igor


0 Kudos
Reply
8 REPLIES 8

Go to solution
imoskovko1
Inactive

‎14 Jan 2019 12:59 AM

Here is details. Active gateway is running on CentOS and related Location is defined.


0 Kudos
Reply

Go to solution
lukasz_konieck1
Dynatrace Helper
Dynatrace Helper

‎14 Jan 2019 04:56 AM

What version of ActiveGate are you using?


Reply

Go to solution
imoskovko1
Inactive
In response to lukasz_konieck1

‎14 Jan 2019 05:14 AM

All seams to be latest on ActiveGate host:

Installed ActiveGate version: 1.157

Host is monitored. Dynatrace OneAgent is up-to-date on version 1.157


Reply

Go to solution
imoskovko1
Inactive
In response to imoskovko1

‎15 Jan 2019 12:26 AM

According to support fix is planed for near future ActiveGate release...

Will wait for it.Let know results here.

Thanks to everybody helped with this issue!


0 Kudos
Reply

Go to solution
Jan_W
Inactive

‎14 Jan 2019 06:03 AM

Hi Igor, please create a support ticket at https://www.dynatrace.com/support/contact-support...

There have been some important updates to the ciphers and security settings supported by HTTP monitors in ActiveGate v159 but it needs to be verified if this particular situation is covered.


Reply

Go to solution
imoskovko1
Inactive
In response to Jan_W

‎14 Jan 2019 06:14 AM

Done *****18453


0 Kudos
Reply

Go to solution
imoskovko1
Inactive
In response to imoskovko1

‎22 Jan 2019 12:30 AM

Now in Dynatrace Gateway 1.159.154.20181218-130356
http check is working with MS IIS obsolated security

Case solved. Many thabks!

Dynatrace support is very willing and capable to help! I am impressed. Keep up good job!


0 Kudos
Reply

Go to solution
imoskovko1
Inactive
In response to imoskovko1

‎22 Jan 2019 12:41 AM

picture is here:


0 Kudos
Reply
Ask a question