Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
All About the Apps Blog
Sharing Micro Focus’s customer best practices and advice on modern application lifecycle management to deliver amazing apps with confidence and speed.
Use the OPTIONS button below to subscribe

All About the Apps Blog - Page 2

SRIDHARREDDY
New Member.

With the 9.40 release of Micro Focus Application Performance Management (APM), you can view the list of Business Process Monitoring agents and set the default settings in Application Health. Keep reading to find out how to utilize this capability.


Read Blog Article

Read more
2 0 1,470
SRIDHARREDDY
New Member.

With the 9.40 release of APM, you now have the ability to add or delete BPM configuration to an existing application that may or may not have the configurations of other data collectors. Keep reading to find out how to use this capability.


Read Blog Article

Read more
2 0 930
Liron Lichterman Contributor.
Contributor.

Micro Focus APM 9.40 release is now available. It supports synthetic, real-user and infrastructure monitoring, as well as deep transaction tracing and tracing asynchronous calls. Keep reading to uncover the details.


Read Blog Article

Read more
2 1 3,356
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

The information in this document is useful when you create HTTPs communication between a RUM Engine server and an APM/BSM server. Detailed steps for generating and exchanging certificates are described in the RUM Hardening Guide. This document showcases the use of an external tool, KeyStore Explorer, to add trusted self-signed certificates to the RUM Engine as well as APM Gateway servers. KeyStore Explorer is an open source GUI replacement for the Java command-line utilities keytool and jarsigner. KeyStore Explorer presents their functionality, and more, via an intuitive graphical user interface. This can be used freely under the terms of GNU General Public License version 3. Being a visual tool, KeyStore Explorer enables easy analysis and modifications of TrustStores, thereby simplifying the overall hardening process.

Prerequisites:

By default, the RUM Engine connects to the APM Gateway server using HTTP connections (and vice versa). This connection can be hardened to use HTTPS. Enabling HTTPS between any client and a server involves the following tasks:

  • Getting the server to work with HTTPS connections and, in the process, serve up its public certificate
  • Getting the client to trust the certificate served by the server

For the first task, refer to the Hardening Guides for APM and RUM:

  • APM 9.31 Hardening Guide (Chapter 4)
  • Real User Monitor 9.31 Hardening Guide (Chapter 7)

The steps listed below explain how the second task (Getting the client to trust the certificate served by the server) can be easily accomplished. 

Exporting APM/BSM Certificate

Step 1

Open the supported browser and browse to the server with HTTPS as shown in the examples below.

https://<hostname>:443/topaz/ (Replace <hostname> with your server name – BSM/APM Server name)

https://<hostname>:8443/rumwebconsole/ (Replace <hostname> with your server name – Data collectors like RUM)

Step 2

a.    Click the Certificate section as shown in the screenshot below. A Certificate window appears.

       converted.jpg

b.    Click the Details tab.

c.    Click Copy to File.

d.    Click Next.

e.    Select Base 64 encoded x.509 (.CER).

      base64image.jpg

 f.    Click Next.

g.    Click Browse and enter a meaningful name (e.g., APM_cert) to save the file locally.

h.    Click Next.

i.     Click Finish to save the file. The export was successful message appears.

  okButton.jpg

Importing the APM/BSM Certificate into the RUM Engine

Step 3

Copy the saved/downloaded certificate (e.g., APM_cert) to the RUM Engine server.

Step 4

Download KeyStore Explorer from the internet. (The current version is 5.2.2) and install it on the RUM Engine server.

Step 5

Open KeyStore Explorer which is installed in the RUM Engine server and click Open an existing KeyStore. If you are unable to open KeyStore Explorer by double-clicking, issue the following command in a command prompt under c:\Program Files (x86)\KeyStore Explorer 5.2.2:

java -jar kse.jar
kse_commandPrompt.png

Step 6

When you click Open an existing KeyStore, you will be asked to browse to the location of the KeyStore. For RUM, it is in <RUM_HOME>\JRE\lib\security\cacerts.

Step 7

Enter the KeyStore password. For the default KeyStore password, search the APM 9.31 Hardening Guide for the default value of “storepass”.

Step 8

a.    When the KeyStore for the cacerts opens, drag and drop the APM_cert to the KeyStore window and click Import.

b.    Keep the Enter Alias field intact and click OK.

modifiedKSE.jpg

 

Step 9

a.    Click OK in the Import screen and make sure that the certificate is imported in the KeyStore.

b.    Click Save.

modified2.jpg

 

Step 10

Close the KeyStore Explorer window and restart the RUM Engine services.

Step 11

a.    In RUM, click Configuration > APM Configuration Settings. The Application Performance Management Connection Settings page appears.

b.   Click Test RTSM password. A pop-up message appears that confirms a successful HTTPS connection between APM/BSM to RUM Engine.

 modified3.jpg

Exporting the RUM Certificate

To complete the HTTPS settings, you need to export the certificate from the RUM Engine server and import it to APM/BSM server.

Step 12

Download the RUM Engine certificate as described in Step 1 and Step 2. Browse to the RUM Engine server URL using HTTPS.

https://<hostname>:8443/rumwebconsole (Replace ‘hostname’ with RUM Engine Server name)

Importing the RUM Engine Certificate to APM/BSM:

Step 13

Install KeyStore Explorer in the APM/BSM server. In the KeyStore Explorer, open cacerts which is located in the <APM HOME >/JRE/lib/security folder and drag and drop the RUM certificate as described in Step 8 and Step 9.

Step 14

You also need to update the RUM certificate for cacerts which is located in the <APM HOME>/JRE64/lib/security folder. (cacerts file under both JRE and JRE64 should be updated with RUM certificate)

Step 15

Restart the APM/BSM services in the Gateway server. The two way communication for the RUM Engine to APM/BSM is in place.

Validation

a.    Step 11 validates a successful HTTPS connection from the RUM Engine to the BSM/APM server.

b.    To validate the connection from BSM/APM to the RUM Engine, on BSM/APM, try to open the RUM Session Analyzer report which is located under Applications > End User Management. The report is displayed if you have populated data. Otherwise you will see a No data message. Either of these outputs indicate that there is successful HTTPS communication between the servers.

c.    If there are problems with the connection, you will see an error as shown below. 

 httpsError.jpg

d.    You can refer to the ‘config.manager’ log file under C:\HPRUM\log for RUM and the 'gdeGatewayClient' log file under C:\HPBSM\log for BSM/APM to validate that both servers work seamlessly over HTTPS.

Other Notes:

If you have internal restrictions around installing KeyStore Explorer on the RUM Engine or APM/BSM servers, you can install it on any other server. In that case, you need to download the cacerts file from the RUM and BSM/APM servers, import the relevant certificates, and replace the updated cacerts file in the corresponding file location on each server.

Read more
5 0 2,719
APM_Piotr Trusted Contributor.
Trusted Contributor.

Many application servers and frameworks are supported by the default instrumentation provided by Micro Focus Diagnostics Java Agent. Customers may have a need to instrument their own application classes, or entry points for the frameworks not covered by default. This blog presents the basics of the instrumentation of Java applications and provides some examples.


Read Blog Article

Read more
6 0 3,070
dovhershkovitch
New Member.

Learn about the newest capabilities and features of SiteScope version 11.33. Support for AWS Autoscaling, integration with Microsoft Azure and AWS, UI Rejuvenation, and more.


Read Blog Article

Read more
3 0 4,360
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.