Securing the Controller
If you plan on using the up.time Uptime Controller by integrating API functions with the up.time Uptime Infrastructure Monitor Web interface, consider doing the following to prevent several common browser-related warnings when navigating secure and non-secure pages within the same web page:
- Enable SSL for the up.time Uptime Infrastructure Monitor Web interface, using the instructions found in Implementing SSL HTTPS Browsing for Web Interface with Apache 2.2 or Implementing HTTPS Browsing for the Web Interface with Apache 2.4.
- Purchase a valid SSL certificate for the up.time web Uptime Infrastructure Monitor Web interface to avoid warnings about a self-signed certificate in the browser.
The Controller installs an unsigned and unverified certificate as part of its installation process. For installations in a production environment, a valid key should be purchased and installed on the Controller.
Reflecting Configuration Changes in the Proxy
As part of the up.time Uptime Infrastructure Monitor installation process, a proxy is configured in the <uptimeDirectory>\apache\conf\httpd.conf file. This provides ease of use with the up.time Uptime Controller, as it simplifies many API programming tasks, and helps to ensure the Controller remains secure.
...
The proxy is configured to work using the default options and configuration choices made when up.time Uptime Infrastructure Monitor is installed:
- the Monitoring Station (
<uptimeHost>above) and up.time and Uptime Controller (<controllerHost>above) are part of the same installation (i.e., they have the same value), and assumed to be on the same host - the port the Controller uses to communicate with up.time Uptime Infrastructure Monitor is
9997
If there are changes to the way up.time has been Uptime Infrastructure Monitor is deployed on the network, you will need to modify the Apache Web server configuration file, accordingly:
...
After making any change, restart the up.time Uptime Web Server service (on the correct up.time Uptime Infrastructure Monitor instance, if applicable) to apply these changes. Then verify that you have correctly configured the proxy by browsing to https://<uptimeMonitoringStation>/api. The behavior should be identical to browsing to the up.time the Uptime Controller at https://<uptimeController>/api.
Controller Configuration Parameters
The following list details several common up.time Uptime Controller configuration tasks.
| Task | Setting | Configuration Location in <uptimeDirectory>\controller\ | Notes | ||
|---|---|---|---|---|---|
| change Controller port | up.time ContollerUptime Contoller port | \etc\jetty-ssl.xml | To change the port, find this line within jetty-ssl.xml: <Set name="Port"><Property name="jetty.port" default="9997"/></Set> Update the | the up.time the Uptime Controller service. | |
| change Controller DataStore target | database connection settings | \resources\uptime-controller.conf | Example connection fields and options are provided for all supported DataStore back-end platforms. By default, | the up.time the Uptime Controller uses a standard MySQL DataStore connection (unless you updated these values during installation). dbType=MYSQL To change the connection details, update these fields with your database platform information. There are example entries in the configuration file. After you have updated your settings, restart | the up.time the Uptime Controller service. |
| indicate where PHP sessions are stored | PHP session directory | \resources\uptime-controller.conf | By default, the | up.time will look Uptime Infrastructure Monitor looks for stored sessions in the Apache work space:
| |
change Controller logging level | logging level | \resources\uptime-controller.conf | The Controller automatically logs events in the
By default, the logging level is After you have updated your settings, restart the | up.time Uptime Controller service. | |
| install new Controller SSL certificate | SSL communication | | To install a new key, follow steps 3 and 4 from | the jetty How to Configure SSL Page,Configuring SSL/TLS, and then restart the | up.timeUptime Controller service. |
| configure SSL/TLS parameters | SslContextFactory | | serverIncludeCipherSuites=ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128- |