Either the HTTP or HTTPS protocol is used to communicate between the Cloud
APM server and the server agents. The Cloud
APM server allows connections from server agents that
authenticate themselves with a valid certificate. If you change the communication protocol that is
used by the server to communicate with monitoring agents, you must change the protocol used by the
server agents.
About this task
Server agents are components of the Cloud
APM server. The server agents provide the following
functions:
- The Transactions Event agent provides services for transaction tracking.
- The Synthetic Events agent provides services for synthetic transactions.
- The Bluemix® Integration agent integrates the Cloud
APM server
with your IBM® Cloud environment.
The server agents are installed and started automatically when you install
the Cloud APM, Advanced offering. If you have the
Cloud APM, Base offering, no server agents
are used and you do not need to configure communications protocols for server agents.
Default
certificates are generated during the Cloud
APM server
installation. The server agents might use the default certificates or they might use self-signed or
custom certificates to connect to the Cloud
APM server.
Complete the following steps to configure the communication protocol between the server
agents and the Cloud
APM server:
Procedure
-
If you want to change from HTTPS communication to HTTP communication between the Cloud
APM server and server agents, complete the following
steps:
-
On the Cloud
APM server, open a command window and
change to the install_dir/serveragents/bin directory.
For example:
cd /opt/ibm/apm/serveragents/bin
-
Run the following commands to stop the server agents.
apm stop biagent
apm stop soagent
apm stop txagent
-
Run the following command to configure HTTP communication between the Cloud
APM server and the server agents:
./agent2server.sh -p HTTP
-
Restart the server agents by running the following commands:
apm start biagent
apm start soagent
apm start txagent
-
If you want to use HTTPS communication and default certificates between the Cloud
APM server and server agents, complete the following
steps:
-
On the Cloud
APM server, open a command window and
change to the install_dir/serveragents/bin directory.
For example:
cd /opt/ibm/apm/serveragents/bin
-
Run the following commands to stop the server agents.
apm stop biagent
apm stop soagent
apm stop txagent
-
Run the following command to configure HTTPS communication between the Cloud
APM server and the server agents:
./agent2server.sh -p HTTPS
-
Restart the server agents by running the following commands:
apm start biagent
apm start soagent
apm start txagent
-
If you want to use HTTPS and either self-signed certificates or certificates that are signed by
a third-party certificate authority for communication between the Cloud
APM server and server agents, complete the following steps:
-
On the Cloud
APM server, open a command window and
stop the server agents by entering the following commands:
apm stop biagent
apm stop soagent
apm stop txagent
-
Copy the contents of the install_dir/ccm/keyfiles/serverhostname.agent/keyfiles directory to the
install_dir/serveragents/keyfiles directory, where install_dir is the installation directory of the Cloud
APM server and serverhostname is the
Cloud
APM server hostname.
Note: If you are using the default certificates that are created by the Cloud
APM server installation, specify
default.agent in place of serverhostname.agent.
-
Modify the install_dir/serveragents/config/global.environment file to specify which certificate is used by
the server agents. Add or edit the following variable:
KDEBE_KEY_LABEL="APM_Agent_Certificate"
Important: If you used a label other than APM_Agent_Certificate
when you created
the certificates, you must specify that label instead of APM_Agent_Certificate
.
- If your third-party CA provides only an RSA signature, change the
KDEBE_FIPS_MODE_ENABLED=SuiteB-128 variable to
KDEBE_FIPS_MODE_ENABLED=NO in the
install_dir/serveragents/config/global.environment file.
-
Change to the install_dir/serveragents/bin directory.
For example:
cd /opt/ibm/apm/serveragents/bin
-
Run the following command to configure HTTPS communication between the Cloud
APM server and the server agents:
./agent2server.sh -p HTTPS
-
Restart the server agents by running the following commands:
apm start biagent
apm start soagent
apm start txagent
Results
The communication protocol that is used to connect the server agents to the Cloud
APM server is changed.