Using your own certificate with the Vyopta Data Collector

In the 4.9 release of the Vyopta Data Collector,  you have the ability to use your own certificate for endpoints and CMS to send data to the collector.

All you need to do,  is add in the following lines in your vyoptacollector.xml file.  Assume the data collector's server has a FQDN of 'vyopta.customer.com' and a keystore called keystore.p12 with a keystore password of 'mypass',   you would add the following properties

 

 

<property key="ssl.cert.domain">vyopta.customer.com</property>
<property key="ssl.cert.location">C:\Vyopta\keystore.p12</property>
<property key="ssl.cert.password">mypass</property>

 

Once you added the properties,  you can restart your data collector.  

 

The next step would be to open a web browser to https://your.collector.server:22181  and look at the certificate and see if the certificate is the one being supplied.   If you are viewing your cert,  you have successfully applied your custom cert to the data collector.

 

screenshot_1630.png

 

Please note - This is an advanced setting in Vyopta, and is not supported or recommended.   If you choose to provide your own certificate to the data collector,  you will need to self support any potential issues related to TLS and SNI.   An example below is showing how the HTTP feedback port on an endpoint is not able to connect to the data collector due to SNI enforcement with the certificate.

 

 

screenshot_1638.png

 

If you run into issues like the above, our only recommendation is to use our default certificate thats provided in the Vyopta Data Collector,  and not use a custom certificate.

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.