Communication between the up.time Uptime Infrastructure Monitor monitoring station and the up.time Uptime Infrastructure Monitor Windows Agent can be secured by enabling SSL encryption. Enabling SSL is a two-step process:
- Download and install the Windows version of stunnel 4.27.
- Find the file stunnel.conf on the agent system. This file is normally found in C:\Program Files\stunnel.
Add the following lines to the bottom of stunnel.conf and save the file. This will enable SSL encryption on local port 9997 and forward the encrypted data to the standard agent port (9998).
[up.timeUptime agent] accept = 9997 connect = 9998 For older agents, use these lines: [up.timeUptime NT agent] accept = 9997 connect = 9998
Note You can change the port on which to enable SSL to any value. To change the default agent port to a port other than 9998, edit the agent port setting in the Windows Registry (see Changing the Windows Agent Port) and then configure the stunnel.conf file to accept on port 9998 and to connect to the port that you configured for the agent.
Start stunnel from the Start menu or by running the following command at the command prompt:
C:\Program Files\stunnelstunnel.exe -start
The agent is now SSL enabled on port 9997.
Enabling SSL in the
Uptime Infrastructure Monitor Web Interface
If the Windows agent has already been added to up.timeUptime Infrastructure Monitor, complete the following steps in the up.time Uptime Infrastructure Monitor Web interface for each agent system that requires SSL.
If you have not yet added the agent system to up.timeUptime Infrastructure Monitor, follow the steps in the up.time Uptime Infrastructure Monitor User Guide. When adding the agent system, ensure that the Agent Port Number option is set to 9997 and that the Use SSL option is enabled.