DX Application Performance Management

  • 1.  pfx

    Posted Jan 17, 2016 12:07 AM

    Hi All,

     

    I have HTTPS traffic across the client environment, and in order to monitor it we need to decrypt that traffic into HTTP so that CA TIM can monitor it. The challenge is that the client is quite concerned about his password and the data flowing in the transactions that need to be monitored. I am also not aware of the PFX capability to decrypt the traffic.



  • 2.  Re: pfx
    Best Answer

    Broadcom Employee
    Posted Jan 17, 2016 04:15 PM

    Hi Winkle,

    1. TIM can decrypt PFX certificate based HTTPS traffic if the web server PFX key(s) are uploaded to TIM in PEM format.

    Here is a relevant section from the 10.1 wiki on how to export a Microsoft IIS PFX key and then convert it to PEM format:

    Import and Manage SSL Private Keys - CA Application Performance Management - 10.1 - CA Technologies Documentation

     

    2. There is also a Private Parameter feature that allows parameters like passwords to be hidden (even in the tim log they will just appear as a wildcard sequence). See this section:

    Additional CEM security tasks - CA Application Performance Management - 10.1 - CA Technologies Documentation

     

    Hope this helps

     

    Regards,

     

    Lynn
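
The PFX-to-PEM conversion mentioned in the answer above, as an added example using OpenSSL (not code from the CA documentation or from the poster). The function name `pfx_to_pem` and the `PFX_PASS` environment variable are assumptions, as is writing the key without a passphrase; check the product documentation for the form TIM expects.

```shell
#!/bin/sh
# Added example (not from the CA documentation): split a PKCS#12 (.pfx)
# bundle into PEM files and verify the result before handing it to a monitor.
# Assumption: PFX_PASS is an exported environment variable holding the export
# password, so it never appears in the process list or shell history.

pfx_to_pem() {
    pfx=$1 key_out=$2 cert_out=$3
    [ -r "$pfx" ] || { echo "cannot read $pfx" >&2; return 2; }
    [ -n "${PFX_PASS+set}" ] || { echo "PFX_PASS is not set" >&2; return 2; }

    # Private key: created with owner-only permissions, bag attributes stripped.
    if ! ( umask 077
           openssl pkcs12 -in "$pfx" -passin env:PFX_PASS -nocerts -nodes 2>/dev/null |
               openssl pkey -out "$key_out" 2>/dev/null ); then
        rm -f "$key_out"
        echo "could not extract private key (wrong password?)" >&2
        return 1
    fi
    chmod 600 "$key_out"

    # Leaf (server) certificate only, without the CA chain.
    if ! openssl pkcs12 -in "$pfx" -passin env:PFX_PASS -nokeys -clcerts 2>/dev/null |
            openssl x509 -out "$cert_out" 2>/dev/null; then
        rm -f "$key_out" "$cert_out"
        return 1
    fi

    # The key is only useful for decryption if it matches the certificate
    # the web server presents: compare the two public keys.
    key_pub=$(openssl pkey -in "$key_out" -pubout 2>/dev/null)
    cert_pub=$(openssl x509 -in "$cert_out" -noout -pubkey 2>/dev/null)
    if [ -z "$key_pub" ] || [ "$key_pub" != "$cert_pub" ]; then
        rm -f "$key_out" "$cert_out"
        echo "key does not match certificate" >&2
        return 3
    fi
}
```

With OpenSSL 3.x, a PFX exported with older ciphers may need `-legacy` added to the two `pkcs12` calls. The resulting key file is an unencrypted copy of the web server's private key, so move it only over a protected channel and delete the working copy after upload.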



  • 3.  Re: pfx

    Posted Jan 18, 2016 12:20 AM

    Thanks Lynn.



  • 4.  Re: pfx

    Posted Jan 18, 2016 11:46 AM

    Hello! Good afternoon!

    Thanks for the help, I'll be checking.

     

    Att

    Ricardo Viera L P




  • 6.  Re: pfx

    Posted Jan 20, 2016 05:32 AM

    Hi Lynn,

     

    Thanks for the answer. The client is asking for the algorithm used for this conversion, that is, exactly how it hides parameters such as passwords, etc. coming in that traffic.

    And is there a way to make the hidden traffic visible once it is hidden, or I'll say converted to *****?

     

    Can that ***** be converted back to its original form? For example, if password=*********, can it be converted back to its original form, i.e. CA@1234?

     

    There is also a Private Parameter feature that allows parameters like passwords to be hidden (even in the tim log they will just appear as a wildcard sequence). See this section:

    Additional CEM security tasks - CA Application Performance Management - 10.1 - CA Technologies Documentation

     

    Regards,

    Winkle Khurana



  • 7.  Re: pfx

    Broadcom Employee
    Posted Jan 20, 2016 12:23 PM

    Hi Winkle:

    Once it is set to ***, I do not believe that data in the recording or the defect for a private parameter can be set to its original value.

     

    Thanks

    Hal German



  • 8.  Re: pfx

    Posted Jan 20, 2016 11:35 PM

    Hi Hal German,

     

    Thanks for the solution; however, is that statement documented anywhere?

    I need to justify this statement.

     

    Regards,

    Winkle Khurana



  • 9.  Re: pfx



  • 10.  Re: pfx

    Broadcom Employee
    Posted Jan 21, 2016 08:27 AM

    Hi Winkle:

    In addition to what Hiko posted, there is also this KB:

    TIM Log contains critical information such as passwords and SSNs which are defined as Private Parameters and are masked in the request body

     

     

    http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec603778.aspx

     

    It looks like we have taken this as far as we can in a community post.

     

     

    Thanks

    Hal German


