Mel Farber Super Contributor.
Super Contributor.
556 views

Monitoring TLS URL requiring user certificate with SiteScope 11.50

Running SiteScope 11.50 on Linux.

I want to add a URL, which uses the user's personal certificate loaded into the web browser to access.  There does not seem to be a place to load personal certificate into SiteScope to be used for the access.  Can a user certificated be loaded to be used in the URL check and if so where should it be loaded?  Does it require a new version?

Thanks,
Mel

Labels (1)
0 Likes
5 Replies
Micro Focus Expert
Micro Focus Expert

Re: Monitoring TLS URL requiring user certificate with SiteScope 11.50

FYI. Like this one?

https://docs.microfocus.com/itom/SiteScope:2018.05/Use/MR_URL_Mon
-> Search: "Client side certificate"

Regards,

0 Likes
Mel Farber Super Contributor.
Super Contributor.

Re: Monitoring TLS URL requiring user certificate with SiteScope 11.50

Am I correct that the referenced document indicates I need to upgrade to 2018.05 and switch from a Linux version of SiteScope to Windows to get WinInet to run against an HTTPS target using client certificates?

Thanks,

Mel

0 Likes
Daniel_R_SiS Valued Contributor.
Valued Contributor.

Re: Monitoring TLS URL requiring user certificate with SiteScope 11.50

Hello Mel

The URL monitor do have an option for this, you'll just have to import the certificate into the SiteScope\templates.certificates directory:

 

Client side certificate

The certificate file, if you need to use a client side certificate to access the target URL. Normally, this is a .pfx (.p12) type certificate, which usually requires a password. You enter the password for the certificate in the Client side certificate password box.

Note: Client side certificate files must be copied into the <SiteScope root directory>\templates.certificates directory.

https://docs.microfocus.com/itom/SiteScope:2018.05/Use/MR_URL_Mon

Also, import the certificate into the "Certificate Management" tab from the UI just in case it'll be required.

 

Best regards

Daniel Rojas Leandro
Customer Support Engineer
0 Likes
Mel Farber Super Contributor.
Super Contributor.

Re: Monitoring TLS URL requiring user certificate with SiteScope 11.50

To add the client certificate I need to know the password for the clientKeystore in /opt/HP/SiteScope/templates.certificates.  I cannot find the default password.  I can see the certificates by just hitting carriege return for keytool -list -keystore clientKestore, but I have to give the password to import a certificate.  I also cannot set a new password, without knowing the existing password.

Anyone know the passwords for clientKeystore and serverTrustStore?

Thanks,

Mel

 

0 Likes
Highlighted
Mel Farber Super Contributor.
Super Contributor.

Re: Monitoring TLS URL requiring user certificate with SiteScope 11.50

I have added my person certificate to clientKeytore, but when I save the monitor, I get "Status Summary: no status in reply from server".  I have no idea what that is and I am not seeing anything in the logs.  The intent is to use my client certificate to validate as I would from my browser.

I have the following configuration:

URL: <my URL>

Match content: /match something/              This seems to work when I Open Tool

HTTPS version: 1.1

Credentials: Select predefined credentials is checked, but I have no profile selected.

Pre-emptive authorization: Authenticate if requested

Client side certificate: clientKeystore (I have also tried my certificate .p12 format)

Client side certificate password:  default for clientKeystore (tested manuall).   (my password for my .p12)

Preferred protocols: Prefer TLSv1.2

Is anything missing?

Thanks,
Mel

 

Tags (1)
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.