Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Web Performance Monitor (WPM) > WPM - Knowledgebase Articles > Deploy WPM Player to AWS cloud instance with TLS 1.2-only enabled in WPM 2.2.2

Deploy WPM Player to AWS cloud instance with TLS 1.2-only enabled in WPM 2.2.2

Updated August 1, 2018

Overview

If you deploy a WPM Player to an Amazon Web Services (AWS) cloud instance and Transport Layer Security (TLS) version 1.2 is the only TLS version enabled on the Orion server, player installation may fail and the following message may appear in the Transaction Details section of the Transaction Group Details page: 

Communication Error: The request was aborted: Could not create SSL/TLS secure channel."

Environment

Cause 

WPM cannot create a Secure Sockets Layer (SSL)/TLS secure channel for the WPM Player when deployed to an AWS instance.

Resolution

Before deploying a WPM Player to an AWS cloud instance, enable TLS 1.0 on the Orion server. After the player is installed, you can change the TLS setting by modifying the Windows registry key.

SolarWinds strongly recommends that you back up your registry before changing your system registry. You should only edit the registry if you are experienced and confident in doing so. Using a registry editor incorrectly can cause serious issues with your operating system, which could require you to reinstall your operating system to correct them. SolarWinds cannot guarantee resolutions to any damage resulting from making registry edits.

To deploy a WPM Player to an AWS cloud instance:

  1. Enable TLS 1.0 on the Orion server by updating the following registry key. See Enable TLS in Orion Platform products for reference.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client

  1. Log into the AWS instance and add a WPM Player. The WPM Transaction Player Setup Wizard will prompt you to provide a password in the Password for the Cloud Instance field. 
  2. Log into the AWS Management Console and navigate to the machine that hosts the WPM Player.
  3. Add the machine to the SeumSecurityGroup-Player AWS Security Group that allows logins via Remote Desktop Protocol (RDP) connection. That is the only Security Group that allows communication between the Orion server and WPM Players.
  4. Enable TLS 1.2 on the Orion server by updating the following registry key. 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.0\Client

Additional reference topics include:

  1. TLS compatibility with Orion Platform products 
  2. Enable TLS 1.2 on Windows Server 2008

 

Disclaimer: Please note, any content posted herein is provided as a suggestion or recommendation to you for your internal use. This is not part of the SolarWinds software or documentation that you purchased from SolarWinds, and the information set forth herein may come from third parties. Your organization should internally review and assess to what extent, if any, such custom scripts or recommendations will be incorporated into your environment.  You elect to use third party content at your own risk, and you will be solely responsible for the incorporation of the same, if any.

Microsoft links belong to Microsoft Corp., © 2018, obtained on August 1, 2018. AWS links belong to Amazon Web Services, Inc.,  © 2018, obtained on August 1, 2018.

 

 

Last modified

Tags

Classifications

Public