search cancel

Securing APM EM and WebView with signed certificate

book

Article ID: 200095

calendar_today

Updated On:

Products

CA Application Performance Management Agent (APM / Wily / Introscope) CA Application Performance Management (APM / Wily / Introscope) INTROSCOPE DX Application Performance Management

Issue/Introduction

We are trying to secure APM 10.7 EM and WebView and we are using signed certificates but unfortunately the application is not working after the process we followed. We have followed mixed instructions from below articles.

https://community.broadcom.com/communities/community-home/librarydocuments/viewdocument?DocumentKey=678d8275-3743-4399-868a-35eb3c7bac16

https://knowledge.broadcom.com/external/article/36154/in-ca-apm-10x-what-feature-does-new-emwe.html

Can you please let us know what is the issue here?

Environment

Release : 10.7.0

Component : APM Agents

Resolution

Please review the following:

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/application-performance-management/10-7/administrating/apm-security/ssl-and-tls-communications-overview.html#concept.dita_bf33999f31bdbe33d715531f04e05b45f0d4f183_EnableTLSontheEnterpriseManager

Note:
SHA2 or SHA-2 is a name for several hashing algorithms, which include SHA-224, SHA-256, SHA-384, and SHA-512. For Web Servers, SHA2 is supported. With a default JRE policy, only SHA-256 is supported. After installation of an unlimited JCE policy, SHA-384 is supported.

In this case the signed certificate that is being used has following algorithm:

Signature algorithm name: SHA1withRSA

This algorithm is not supported with default JRE policy as indicated in the above document.