Install an Environment ActiveGate on Linux

Follow these steps to install an Environment ActiveGate on Linux.

Before you begin

  • If you plan to use the ActiveGate for a private Synthetic location, see System and hardware requirements for private Synthetic locations.
  • Decide what will be your ActiveGate purpose. You can use your ActiveGate for one of the following purposes:
  • Ensure that your firewall settings allow communication to Dynatrace. Environment ActiveGate listens (accepts incoming connections) on port 9999 and talks to Dynatrace (makes outgoing connections) on port 443. For more information, see Which network ports does ActiveGate use?.
  • Normally it’s fine to install an Environment ActiveGate at any time following OneAgent installation. In some cases, however, the OneAgent installer must know about your Environment ActiveGate installation before OneAgent can be installed.

Start installation

Sign in to Dynatrace, select Deploy Dynatrace from the navigation menu and select Install ActiveGate.

Download the installer

How you download your installer depends on your setup and needs. You can choose to download an installer directly to the server where you plan to install Environment ActiveGate or you can download an installer to a different machine and then transfer the installer to the server.

  1. Select the ActiveGate purpose.

  2. Click Download installer.
    If you plan to download Environment ActiveGate directly to the server, make sure your system is up to date, especially SSL and related certificate libraries. Outdated libraries (for example, CA certificates) or missing OpenSSL will prevent the installer from downloading (we use encrypted connections, so OpenSSL is required to enable wget to access the server).

    • Download the installer using one of these options:
      • Run the command
        Copy the wget command line from the text box, and paste the command into your terminal window on a machine where you plan to install the ActiveGate. Make sure you copy the command directly from the first text box, because it contains your environment ID.
      • Download via browser
        No internet access on servers? You can also download the installer by clicking the ActiveGate installer link at the bottom of the page and saving the installer script to any location on your system, thereby bypassing the wget command altogether.
  • Verify the signature
    Wait for the download to complete. Then verify the signature by copying the command from the second Verify signature text box and pasting the command into your terminal window.

Run the installer

An install parameter (determined by the ActiveGate purpose you selected) is automatically set for the command to run the installer. Make sure you use the command displayed in the Dynatrace web UI that reflects the ActiveGate purpose.

Copy the installation script command from the Run the installer with root rights step and paste it into your terminal.

You only need root rights to install an ActiveGate. The user running the ActiveGate service doesn't require root rights. If you don't specify your own user to run the ActiveGate service, existing or not, the installer will create and use the dtuserag user by default.

To install ActiveGate, run one of the following pairs of commands in the directory where you downloaded the installation script.

  • Ubuntu Server

    [user@ubuntu]# chmod + x  
    [user@ubuntu]# sudo ./
  • Red Hat Enterprise Linux

    [user@rhel]# chmod + x  
    [user@rhel]# su ./
  • Other Linux distributions with root session

    [root@host]# chmod + x  
    [root@host]# ./

Customizing installation

You can add additional parameters to the installation command to customize your installation. For example, to run an Environment ActiveGate with a custom user, use the USER=<user name> parameter:

[root@host]# USER=Peter

Environment ActiveGate can use an HTTP proxy server address. Use an additional PROXY command line parameter whose value is the proxy address and port. For example, PROXY="".

If you want to set up the proxy for ActiveGate, see Setting up a proxy for ActiveGate

Default installation directories

  • Distribution directory: /opt/dynatrace/gateway_<id>
  • Install/Binaries directory: /opt/dynatrace/gateway
  • TEMP directory: /var/tmp/dynatrace/gateway
  • ActiveGate configuration: /var/lib/dynatrace/gateway/config
  • Log files directory: /var/log/dynatrace/gateway

You've arrived

After Environment ActiveGate connects to Dynatrace, installation is complete and OneAgent is reconfigured to send monitoring data through Environment ActiveGate.

To check the status of the installation, click Show deployment status and select the Dynatrace ActiveGates tab.

You can also check the Troubleshoot ActiveGate page for solutions to problems related to ActiveGate.

Proxy certificate

optional You can add a proxy certificate. If you use a proxy that performs SSL termination, add a proxy certificate to the ActiveGate trusted keystore file trusted.jks.

The trusted.jks file has the following path:
[CONFIG] is the top-level ActiveGate configuration directory, /var/lib/dynatrace by default.
For example:

Execute the following command in the folder where trusted.jks resides (or provide a path to trusted.jks):

keytool -importcert -file <path to your SSLcert.cer> -keystore trusted.jks

When prompted, provide the trusted keystore password. You can find the password in the ActiveGate file.