Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
Acclaimed Contributor.. parkar Acclaimed Contributor..
Acclaimed Contributor..
751 views

RUM for mobile based application : Encryption


We have configured mobile native application using client montitor probe. We are not able to see the encrypted value . In earlier RUM Probe we used to have SSL key management where we can import the key and see the encrypted data however using we are not able to get the same using RUM client monitor probe

We see the option disabled . Pl suggest

 

Attached screenshot

Cheers!

Nvr Blame a day in ur life....... Good day gives "happiness" & Bad day gives "experience" ......
Tags (1)
0 Likes
5 Replies
Acclaimed Contributor.. parkar Acclaimed Contributor..
Acclaimed Contributor..

Re: RUM for mobile based application : Encryption

screenshot attached 

Cheers!

Nvr Blame a day in ur life....... Good day gives "happiness" & Bad day gives "experience" ......
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: RUM for mobile based application : Encryption

There is no need to handle private keys in RUM CM probe like you do for the RUM sniffer/network probe. That's because the decryption of the secured application traffic is performed by the mobile device itself.

 

You would probably want to secure communication between the mobile device and RUM CM probe. You can refer to RUM Hardening guide for the procedure to do so (Hardening the RUM Client Monitor Probe Internet Communication).

0 Likes
Acclaimed Contributor.. parkar Acclaimed Contributor..
Acclaimed Contributor..

Re: RUM for mobile based application : Encryption

HI

 

Query im having is how traffic will be decrypted when rum client monitor probe reads the same

 

 

FYI..RUM Client Monitor Probe is installed with an HP self-signed certificate for client HTTPS communication

 

 

Are you saying we need perform below

 

 

Self-signed certificates are not recognized by end user devices unless

 

manually installed on each client machine. Therefore, in order to use HTTPS you must replace the

 

default certificate with a new one from a trusted certificate authority. This certificate is usually

 

provided by your security officer. A certificate is unique to the specific machine according to its

 

static IP address, so if there are multiple RUM Client Monitor Probes, you need a different

 

certificate for each RUM Client Monitor Probe.

 

The certificate must be in pcks12 keystore format. If the certificate is not in pcks12 keystore

 

format, in a cmd window, type:

 

>

openssl pkcs12 -export -in <dest-path>\cm-probe-server.crt -inkey <dest-path>\

cm-probe-server.pem -out <dest-path>\<dest-file-name>.p12)

To import other certificate formats into a pcks12 keystore:

1. Import the pcks12 keystore into a java keystore:

>

<JDK_HOME\bin>\keytool -importkeystore -deststorepass <dest-store-password>

-destkeypass <dest-key-pass> -destkeystore <dest-path>\<dest-keystore-file-n

ame>.jks -srckeystore <src-path>\<pcks12-keystore-file-name>.p12 -srcstorety

pe PKCS12 -srcstorepass <src-store-pass> -alias 1

Note:

In

In this command line, passwords are optional.

 

 

2. Copy the keystore into the following directory:

<HPRUMClientMonitor>\conf\ssl.

 

 

3. Open

<HPRUMClientMonitor>\apache-tomcat\conf\server.xml and change the connector

keystoreFile

and keystorePass attributes:

<Connector port="2021" protocol="org.apache.coyote.http11.Http11NioProtocol"

 

SSLEnabled="true"

 

maxThreads="150" scheme="https" secure="true"

 

keystoreFile="..\conf\ssl\<dest-keystore-file-name>.jks"

 

keystorePass="<dest-store-password>"

 

clientAuth="false" sslProtocol="TLS" />

 

Note:

If the keystore is not password-protected, remove the keystorePass attribute

 

Cheers!

Nvr Blame a day in ur life....... Good day gives "happiness" & Bad day gives "experience" ......
0 Likes
Micro Focus Expert
Micro Focus Expert

Re: RUM for mobile based application : Encryption

I'm saying that you need to follow RUM docs if you want to secure communication between your mobile device running the instrumented native application (.apk) and RUM CM probe. And if it doesn't work after that, you need to open a ticket and work with HP Support on fixing the problem.

 

In either case it has nothing to do with application traffic itself - be it encrypted or not.

0 Likes
Acclaimed Contributor.. parkar Acclaimed Contributor..
Acclaimed Contributor..

Re: RUM for mobile based application : Encryption

Hi Dimitry

 

If Post data itself contains encrypted value for the solution using RUM client monitor probe . Is there any way to decrypt this ?

Customer ready to share decryption algorithm .

 

Pl suggest!

Regards

Cheers!

Nvr Blame a day in ur life....... Good day gives "happiness" & Bad day gives "experience" ......
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.