Configure ActiveGate

Whenever you need to configure an ActiveGate setting (for example, proxy, port, or memory dumps), do this in the custom.properties file and then restart ActiveGate. The custom.properties file is located in the ActiveGate configuration directory.

The custom.properties file is preserved during ActiveGate upgrade; it's copied in its entirety from your existing installation to the new one.

Keep in mind that custom.properties takes precedence over config.properties. Therefore, if a setting occurs in both files, the value of the setting in the custom.properties file will take precedence. Also, command line settings (if any) take precedence over those stored in custom.properties.

The ActiveGate properties that you can configure are described in the following tables. These properties are applicable for both Environment ActiveGates and Cluster ActiveGates.

Section: [dbAgent]

To use Database insights both flags in the [dbAgent] section must be set to true.

Property	Default value	Description
`dbAgent_allowed`	true	`???``
`dbAgent_enabled`	true	`???`

Section: [connectivity]

Property	Default value	Description
`dnsEntryPoint`	unset	Define the entry point for the ActiveGate (for example, `https://sg1.mydomain.com:9999`). Via this URL, the ActiveGate is accessed by Dynatrace OneAgent. If not set, an auto-detected endpoint will be used. This entry can be used if the ActiveGate is accessed via, for example, an external IP address or load balancer. Depending on your ActiveGate deployment, make sure you use the right prefix, `http` or `https`, otherwise your OneAgents won't be able to connect.

Section: [com.compuware.apm.webserver]

Property	Default value	Description
`port-ssl`	`9999`	The port where the ActiveGate listens for traffic from OneAgent—used for HTTPS connection.
`port`	unset	The port where the ActiveGate listens for traffic from OneAgent—used for HTTP connection. It is disabled by default. On Linux, a value > 1024 is recommended, to ensure no root privileges are required.
`ssl-protocols`	`TLSv1.2`	Supported SSL protocols. Can be one or a list of the following values: `TLSv1`, `TLSv1.1`, `TLSv1.2`
`excluded-ciphers`	unset	List of additionally excluded ciphers (ciphers are defined by a substring matching at least a part of the cipher name, for example `_DHE_`)
ActiveGate version 1.165+ `certificate-file`	unset	Path to `PKCS#12` file containing certificates to be used by ActiveGate web server. Please also see Configuration of custom SSL certificate on ActiveGate.
ActiveGate version 1.165+ `certificate-password`	unset	Password to open the certificate file.
ActiveGate version 1.165+ `certificate-alias`	unset	Friendly name of the certificate in the `PKCS#12` file.

Section: [http.client]

For details on proper use of [http.client] properties, see Setting up proxy for ActiveGate.

Property	Default value	Description
`proxy-server`	unset	Proxy server address
`proxy-port`	unset	Proxy port (numeric)
`proxy-user`	unset	Proxy user name (optional)
`proxy-password`	unset	Proxy password (optional). The password provided in the `proxy-password` property is obfuscated following ActiveGate restart and the obfuscated password is stored in the `proxy-password-encr` property.

Section: [http.client.external]

For details on proper use of [http.client.external] properties, see Setting up proxy for ActiveGate.

Property	Default value	Description
`proxy-server`	unset	Proxy server address
`proxy-port`	unset	Proxy port (numeric)
`proxy-user`	unset	Proxy user name (optional)
`proxy-password`	unset	Proxy password (optional). The password provided in the `proxy-password` property is obfuscated following ActiveGate restart and the obfuscated password is stored in the `proxy-password-encr` property.

Section: [collector]

Property	Default value	Description
`MSGrouter`	`true`	ActiveGate enables routing of OneAgent and other ActiveGate traffic through Dynatrace.
ActiveGate version 1.159 or earlier `VMwareAgentEnabled`	Environment ActiveGate: `true`; Cluster ActiveGate: `true`	ActiveGate can be used to monitor VMware. The value of this property isn't respected by Environment ActiveGate, which can be used to monitor VMware.
ActiveGate version 1.159 or earlier `AWSAgentEnabled`	Environment ActiveGate: `false`; Cluster ActiveGate: `true`	Forces this ActiveGate to ignore dynatrace agent traffic. This setting is required to retrieve CloudTrail logs that are stored in AWS S3 buckets.
`LogDiskBufferPath`	`/tmp/diskbuffer`	Local path for log buffer. The property default may be different depending on the operating system.
`restInterface`	`true`	ActiveGate can be used to access the Dynatrace Environment API. To use your ActiveGate to make API calls with this feature, the URL must follow this pattern: `https://<GATEWAY>/e/<ENVIRONMENT>/api/v1/<API>` Only calls from the Environment API v1 are available with this feature. These call have `/api/v1/` in the URL. Configuration API (`/api/config/`) and Environment API v2 (`/api/v2/`) are not available via ActiveGate.
ActiveGate version 1.149 or earlier `enableHttpChecks`	`false`	HTTP Monitors in ActiveGate. For later releases, see ActiveGate configuration for HTTP monitors
`DumpSupported`	`false`	ActiveGate allows you to temporarily store memory dumps from OneAgent. Additional configuration in section [dump] is required.
ActiveGate version 1.169+ `trustedstore`	unset	Your trusted keystore (optional). The property `trustedstore` should contain the path to the file holding trusted certificates. That path should be relative to the ActiveGate SSL directory. Please also see Configuration of trusted root certificates on ActiveGate.
ActiveGate version 1.169+ `trustedstore-password`	changeit	Password of your trusted keystore (optional) which is encrypted during ActiveGate start. The obfuscated password is then stored in `trustedstore-password-encr`.
ActiveGate version 1.169+ `trustedstore-type`	JKS	Java default format of key and certificate databases (optional). The second supported format is `PKCS12`.

Section: [aws_monitoring]

ActiveGate version 1.161+

Property	Default value	Description
`aws_monitoring_enabled`	Environment ActiveGate: `false`; Cluster ActiveGate: `true`	Forces this ActiveGate to ignore Dynatrace OneAgent traffic. This setting is required to retrieve CloudTrail logs that are stored in AWS S3 buckets.

Section: [vmware_monitoring]

ActiveGate version 1.161+

Property	Default value	Description
`vmware_monitoring_enabled`	Environment ActiveGate: `true`; Cluster ActiveGate: `true`	ActiveGate can be used to monitor VMware. The value of this property isn't respected by Environment ActiveGate, which can be always used to monitor VMware.

Section: [synthetic]

ActiveGate version 1.151+

Property	Default value	Description
`enable_synthetic`	`false` in the Default deployment mode. `true` in the Synthetic monitoring deployment mode.	Enables this ActiveGate to execute synthetic monitors in private locations. Note that starting with ActiveGate version 1.159, changing this property to `true` works only if you earlier ran a clean installation of your ActiveGate and selected Synthetic monitoring as a deployment mode. If you installed the ActiveGate in the Default deployment mode and then set this proporty to `true`, you won't be able to use this ActiveGate for synthetic monitoring. In such case, you must reinstall the ActiveGate enabling the Synthetic monitoring deployment mode. For more information, see Installing synthetic-enabled ActiveGate

Section: [dump]

Property	Default value	Description
`dumpDir`	`dump`	Valid path of the storage directory used for dump storage
`maxSizeGb`	`100`	Storage quota in GBs. If full, the oldest dumps are overwritten until enough space is available to store a new dump.
`maxAgeDays`	`7`	Maximum age of a memory dump in days until the dump is automatically overwritten
`maxConcurrentUploads`	`5`	Maximum number of concurrent dump uploads from OneAgents
`downloadUrl`	unset	A custom download URL (for example, if ActiveGate is behind a load balancer or if ActiveGate only detected an IP address but the customer wishes to have a FQDN). The URL must contain the correct schema and port.