The SSL certificate for Mission Control will be renewed on April 1, 2020. The updated certificate will be issued by Amazon Trust Services in the context of our strong partnership with AWS, thereby ensuring the highest possible reliability for our customers around the globe.
This means that the SSL certificate for the Mission Control endpoint (https://mcsvc.dynatrace.com) will change on April 1, 2020. The new certificate will be issued by Amazon Trust Services (see https://www.amazontrust.com/repository/). Until now, we’ve used a certificate issued by DigiCert, Inc (www.digicert.com).
The update should require no action on your part
In a typical scenario, this change will be completely transparent to you and no action on your part will be required. Dynatrace Managed clusters that communicate with Mission Control already trust the certificates that are issued by Amazon.
Connecting to Mission Control with a proxy? Make sure that you update!
If you connect to Mission Control with a proxy that intercepts the TLS connection, you’ll need to make sure that the proxy accepts the new certificate that will be issued by Amazon Trust Services on April 1, 2020. Otherwise, the connection from your cluster to Mission Control will be broken and you’ll lose pro-active support capabilities, including updates.
Our Dynatrace ONE team will contact your emergency contact if we detect any connection issues in your environment as of April 1, 2020.
What happens if I don’t update my proxy?
If you don’t update your proxy, Dynatrace will still provide full insights into your application environments. However, your Dynatrace cluster will lose its connection to our Mission Control endpoint, with the following implications:
- You’ll no longer receive Dynatrace cluster, OneAgent, or ActiveGate updates
- Dynatrace won’t be able to provide pro-active support for your cluster. Support and Dynatrace ONE won’t be able to access your environments to provide the best possible experience
- License overages (if included in contract) will be disabled after two weeks. This may affect your current monitoring if you’re already incurring overages.
Not sure if you need to take action? Verify the connection!
From your cluster node execute the following command:
curl -x <proxy_server> --ssl-reqd --url https://mcsvc-sprint.dynatracelabs.com
<proxy_server> is your proxy address. For example:
The test checks our staging endpoint and it may require opening additional IP addresses in your proxy/firewall configuration:
You should receive
HTTP 200 response code and a valid response content:
What is Mission Control?
Dynatrace Mission Control provides pro-active support for maintenance and licensing issues. With automated support from our Dynatrace ONE team, your Dynatrace Managed installation is updated automatically. You can reach out to our Dynatrace ONE team through real-time, in-product assistance if you need help or encounter any issues.