Use the following information to secure an Uptime Infrastructure Monitor Monitoring Station to Windows Agent communication with TLS v1.2. Users must have administrator access to the machines on which you want to install and configure Agents and to the Everything outlined in this document will require administrative access to the machines you wish to install and configure agents on as well as to the Monitoring Station.
...
Stunnel configuration
First we must setup , set up the stunnel configuration file to only allow TLS 1.2.
Modify Next, modify the stunnel config file located in: Cat C:\Program Files\uptime software\Uptime agent\stunnel\config\stunnel.conf to look like so. using the following information:
[up.time agent]
accept = 9997
connect = 9998
cert = stunnel.pem
options = NO_SSLv2
options = NO_SSLv3
options = NO_TLSv1
options = NO_TLSv1.1
Firewall modification
Now you will want to create Create a firewall rule that blocks port 9998 incoming on the agent Agent machine so no insecure connections can be made to the agentAgent. Setting the firewall to notify you when applications are blocked is also a good idea as it aids in configuring it with stunnel.
Run stunnel as a service on the
...
Agent machine
Next, you will want to run Run stunnel as a service that comes up when windows Windows starts as well so when the agent Agent server is rebooted, the connection is re-established. Open a command prompt as administrator. Change directory to where the stunnel config file that we edited in the first step lies.
...