Skip navigation
Share:|

When EUEM components are deployed, they are communicating with each other in different ways. Let’s refer to the basic architecture of a simple deployment of EUEM.

 

euem-diagram.png

 

Let’s review each component roles

 

  • The Cloud Probe is the capture engine. It is capturing TCP/IP packets and is building objects (HTTP( and HTTPS request and response pairs) and extracts whatever data it is configured to. When objects are captured, they are sent to the Real User Collector.

 

  • The Real User Collector buffers those objects (several Cloud Probes may send data to one collector) for the Analyzer to consume (one or several Analyzers may get data from one Collector).

 

  • The Real User Analyzer retrieves data from one or more Real User Collectors and performs most of the processing.

 

 

All the communications between EUEM components occur on a secure channel using HTTPS. The same goes for managing EUEM by accessing its web interface.

 

The Collector and the Analyzer have their own built-in SSL certificates. When deployed a self-signed SSL certificate is generated for each component. Given that the authentication between each EUEM components is done via user accounts, there is no two-way SSL authentication as in other TrueSight Operations Management products.

 

Replacing a SSL certificate on any EUEM component does not impact the entire deployment and without causing any disruption in the way the product works. This means that one can use a signed certificate on an Analyzer and still use the self-signed certificate on the Collector without breaking the flow between the components. This also means that one does not have to change anything on the TrueSight Presentation Server for the Analyzer & TSPS integration or on the App Visibility Portal server when the App Visibility integration is configured.

 

As long as the configured SSL certificate is a valid and signed one, there is no problem!

 

The steps below are for the Real User Analyzer but the same procedure applies to the Real User Collector. Since there is no web UI for Cloud Probe, there is no SSL certificate on Cloud Probe to change.

 

EUEM is a Java application running on a Tomcat server.  Replacing the SSL certificate is very simple. The steps are

  1. Get a signed SSL certificate from a Certificate Authority and the original SSL private Key.
  2. Bundle them in a Java keystore format.
  3. Configure EUEM to use this keystore instead of the default one created at installation time.

 

Important notice: It is your responsibility to provide the Java keystore file. BMC is not responsible and will not provide help in generating it.

 

Configuring the Analyzer to use your keystore file

  1. Copy your keystore file to the Real User Analyzer server.
  2. Make a copy of the following file as a backup.
    1. $EUEM_HOME/analyzer/apache-tomcat/conf/server.xml
  3. Edit the server.xml file
  4. Look for the following lines. The first line is a pointer to the full pathname of your keystore file. The second line specifies the password (*) to that keystore.
    1. keystoreFile="${truesight.home}/conf/platform/security/keystore/java/keystore"
    2. keystorePass="tsPwDSt0r3"
  5. Restart the Real User Analyzer at your convenience to have the changes take effect.

 

If you have the Real User Collector deployed on the same system you have to repeat the steps as its SSL certificate configuration is separate.

 

 

(*) About storing the keystore password in clear text in the server.xml file. This is a constraint from the Tomcat design itself. This is best and fully described in the official Apache Tomcat FAQ.

Share:|

TrueSight Operations Management 10.7 was released on March 28, 2017. This means App Visibility Manager product upgrades are now available.  Please refer to https://docs.bmc.com/docs/display/TSOMD107/Upgrading for all the details on upgrading your App Visibility Manager products.

 

For customers running older versions of our software, namely BMC Transaction Management Application Response Time (TMART) and BMC Real End User Experience Monitoring 2.7.02 we have AMIGO programs to assist you with the migration to 10.7.00.

 

The Assisted MIGration Offering (AMIGO) programs are designed to assist you with the migration from an older version of a product to a newer version when there are major changes that will affect your migration. They are provided to all customers as part of your support coverage.

 

Are you postponing a migration from BMC Transaction Management Application Response Time (TMART) to Borland Silk Performer for TrueSight Operations Management 17.5.00 (TS-Synthetic) because of time, learning curve concerns or risk issues?  The TS-Synthetic Assisted MIGration Operations (AMIGO) program is designed specifically to help you migrate quickly, easily and safely. Please follow the link below to our knowledge article to get started:

 

https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=000011559

 

There is a major architecture change when you migrate from BMC Real End User Experience Monitoring - Virtual Edition 2.7.02 to BMC Real End User Experience Monitoring - Software Edition 10.7.00. Don't get caught off guard by the changes and be prepared with the BMC Real End User Experience Monitoring Software Edition AMIGO program. Please follow the link below to our knowledge article to get started:

 

https://selfservice.bmc.com/casemgmt/sc_KnowledgeArticle?sfdcid=000128764

 

Please contact BMC Technical Support (customer_support@bmc.com) if you need any more information on this.

Filter Blog

By date:
By tag: