Web Browsers are continuously being updated to improve security. Some recent patches have changed how browsers handle the SSL Certificates required for https encryption. This change may cause issues when using the Uptime Infrastructure Monitor WAT Recorder to record https web transactions.
This article provides some possible workarounds for getting the WAT Recorder to work with common web browsers.
Web Transaction Monitor is Java-based and does NOT work with modern browsers. Creating new monitors is disabled. This monitor works only if your UIM installation already has previously-captured Web Transaction monitor recordings. This does not affect previously-configured Web Transaction Monitors.
Internet Explorer
The Cumulative Security Update for Internet Explorer patch changes how the browser handles Self Signed SSL Certificates, which are used with the WAT Recorder. To use IE to record an https session, this patch will need to be un-installed from the Windows desktop being used to record the session (not the monitoring station itself).
After you have successfully recorded the WAT session, you can re-install the patch, as the monitor itself is not affected, just the ability to record the session is impaired.
For more details about the Cumulative update, please refer to Microsoft Security Bulletin MS12-037.
Firefox
Firefox should allow you to record a WAT session after acknowledging the warnings that the connection is untrusted, and that the page is using an invalid security certificate. However, it is possible to get stuck on the following error even after adding exceptions for the page you are trying to record a WAT session for.
The certificate is not trusted because it is self-signed.
The certificate is only valid for Uptime Infrastructure Monitor end to end monitor keystore.
Error code: sec_error_untrusted_issuer
If you are getting stuck on this particular error, try the following process to clear Firefox's cached SSL certs & exceptions before trying to record the WAT session again:
- Launch Firefox and enter about:support in the address bar. On the page that opens, click on the Show Folder button beside Profile Folder.
- This will open the folder that contains the contents of your current Firefox profile. Leave this window open but quit Firefox completely.
- You should see two files in the folder:
cert8.db (this file contains the cached SSL certs)
cert_override.txt (this file contains the domains with acknowledged exceptions)
Both of these files will need to be either re-named or deleted before restarting Firefox. Firefox will generate new versions of these files on launch if they do not exist with the default names.
After re-starting Firefox, start the WAT Recorder and change your proxy settings before visiting the https page you intend to monitor. Otherwise you will need to quit and remove the cert8.db file again.
You should now be able to successfully record a https WAT session after adding exceptions for the intended https page, but without getting stuck on the warning about self-signed certificates.
If you are still having issues recording an https protected WAT session after attempting the above workarounds, please contact uptime-support@idera.com and provide the following information:
- Type and version of web browser are you using to record the WAT session.
- Any error messages received either in the WAT recorder or the web browser itself.
- Details of the partial WAT script you were able to record.
- Link to the https protected page if it is externally available over the Internet.