Skip to Content

Diagnostics Agent for .NET requires Windows 2003 security patch

If Windows 2003 is not patched for security vulnerabilities, the BMC Application Diagnostics Agent for .NET on that operating system cannot connect to the portal and collector.

Issue

The Diagnostics Agent for .NET cannot connect to the portal and collector when it is installed on an application server running on Windows 2003.

Probable cause

The Diagnostics Portal and Collector only support HTTPS communication. The portal and collector do not support all ciphers.

Resolution

You can resolve this issue in one of the following ways:

  • Update and patch Windows 2003 (recommended)
    Updating and patching Windows 2003 is the preferred resolution because the resulting environment is more secure.

    Click here to expand steps.
    1. Update to Windows Server 2003, Service Pack 2.

    2. Install the Microsoft hotfix to support the relevant cipher suites in Windows Server 2003.

  • Update the tomcat.ciphers in the portal and collector properties
    If you cannot update and patch Windows 2003, you can modify the tomcat.ciphers property for the portal and collector to enable data collection from the Agent for .NET.

    Click here to expand steps.
    1. Stop the service or services.
    2. Open the properties file for each component in a text editor:
      • Portal: installationDirectory\portal\properties\portal.properties
      • Collector: installationDirectory\collector\properties\collector.properties

    3. For each component property file, add SSL_RSA_WITH_3DES_EDE_CBC_SHA to the tomcat.ciphers property, as shown in the following example:

      # A comma separated list of encryption ciphers to support for HTTPS connections. Spaces between list items are not allowed.
      tomcat.ciphers=SSL_RSA_WITH_3DES_EDE_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA
    4. Restart the service or services.

 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC TrueSight App Visibility Manager 2.7