Communication between the Uptime Infrastructure Monitor monitoring station and the Uptime Infrastructure Monitor Windows Agent can be secured by enabling SSL encryption. Enabling SSL is a two-step process:
Enabling SSL on the Windows Agent System
To enable SSL encryption, complete the following steps on each agent system:
- Download and install the Windows version of stunnel 4.27.
- Find the file stunnel.conf on the agent system. This file is normally found in C:\Program Files\stunnel.
Add the following lines to the bottom of stunnel.conf and save the file. This will enable SSL encryption on local port 9997 and forward the encrypted data to the standard agent port (9998).
You can change the port on which to enable SSL to any value. To change the default agent port to a port other than 9998, edit the agent port setting in the Windows Registry (see Changing the Windows Agent Port) and then configure the stunnel.conf file to accept on port 9998 and to connect to the port that you configured for the agent.
Start stunnel from the Start menu or by running the following command at the command prompt:
The agent is now SSL enabled on port 9997.
Enabling SSL in the Uptime Infrastructure Monitor Web Interface
If the Windows agent has already been added to Uptime Infrastructure Monitor, complete the following steps in the Uptime Infrastructure Monitor Web interface for each agent system that requires SSL.
- Click My Enterprise.
- Click the name of the agent system for which you want to enable SSL.
- Click Edit Performance Monitor.
- In the new window, select the Use SSL (HTTPS) option and change the Agent Port Number to 9997.
- Click Save.
If you have not yet added the agent system to Uptime Infrastructure Monitor, follow the steps in the Uptime Infrastructure Monitor User Guide. When adding the agent system, ensure that the Agent Port Number option is set to 9997 and that the Use SSL option is enabled.