14 Jan 2019 08:53 AM - last edited on 16 Oct 2023 03:51 PM by random_user
Hello
Can one suggest regarding SaaS & Manager HTTP synthetic monitor
In our test env to use RUM/NAM traffic analysis we had to downgrade MS IIS security settings to
Connection - obsolete connection settings
The connection to this site uses TLS 1.2 (a strong protocol), RSA (an obsolete key exchange), and AES_256_GCM (a strong cipher).
In other words, we disabled all Diffie-Hellman key-echange as it was discussed at https://community.dynatrace.com/spaces/160/open-q-a_...
But now Saas and Managed HTTP Synthetic monitor fails on obsolete security connection settings https protocol 😞 - with "SSL communication error".
How to ask HTTP Synthetic monitor to accept MS IIS obsolated security settings-
HTTP v1.1 + TLS v1.2 with all DH disabled (TLS 1.2 RSA AES_256_GCM) ?
Regards,
Igor
Solved! Go to Solution.
14 Jan 2019 08:59 AM
Here is details. Active gateway is running on CentOS and related Location is defined.
14 Jan 2019 12:56 PM
What version of ActiveGate are you using?
14 Jan 2019 01:14 PM
All seams to be latest on ActiveGate host:
Installed ActiveGate version: 1.157
Host is monitored. Dynatrace OneAgent is up-to-date on version 1.157
15 Jan 2019 08:26 AM
According to support fix is planed for near future ActiveGate release...
Will wait for it.Let know results here.
Thanks to everybody helped with this issue!
14 Jan 2019 02:03 PM
Hi Igor, please create a support ticket at https://www.dynatrace.com/support/contact-support...
There have been some important updates to the ciphers and security settings supported by HTTP monitors in ActiveGate v159 but it needs to be verified if this particular situation is covered.
22 Jan 2019 08:30 AM
Now in Dynatrace Gateway 1.159.154.20181218-130356
http check is working with MS IIS obsolated security
Case solved. Many thabks!
Dynatrace support is very willing and capable to help! I am impressed. Keep up good job!