HTTPS data from RUM to BSM
Hope you are doing well. I have some questions in my mind looking for answers.
I was monitoring HTTP traffic in RUM and BSM (APM). RUM was sending data to BSM and everything was working fine. Now i want to monitor HTTPS traffic in RUM and BSM (APM). what would be the work flow for configurig HTTPS scenario? Kindly suggest steps. Step by step work flow would be a great help. I have the guide but guides are making me confuse. looking for help.
APM 9.5 is on Linux (redhat)
RUM 9.5 is on Windows
Thank you so much for your response.
Actully I have the guides but guides are making me confuse. They are making things complex for me. I want a flow work / steps. kindly help.
This really depends on the application being monitored and what technology it uses. Most applications will have the option to change the default supported ciphers. It's best to check the documention and support site for that application. If it's SM, then I'm sure there will be a good forum available for that too.
If your app uses Apache web server, then you can change the ciphers in a config file, often ssl.conf or httpd-ssl.conf (depnding on the version or platform etc.). Search the file for 'SSLCipherSuite' and you can use this parameter to allow or deny certain cipher types, or specify explicit ciphers. It's best to search the on-line apache doc for more information, but here's an example where apache is configured to support just 2 non-Diffie Hellman ciphers:
If the app uses tomcat, then there is usually a server.xml file where the https adapter is configured (this section will have keystore configuration as well, and will reference the secure port). You can add or update a 'ciphers' value within that section, for example:
Please check the vendor documentation for your app, as that should tell you what ciphers are supported. Also check with your security department if relevant.
This external link from openssl has a list of long and short cipher names for all the main opensssl ciphers, and can be very useful. Some apps use the long name and others use the short name:
In the examples above, apache uses the short names for ciphers, and tomcat uses long names.