Skip to main content

Entuity v23.0 known issues

Elizabeth McKee
Updated

Applicable to Entuity v23.0 only. If you are using a different version of Entuity, please see the following as appropriate:

 

 

Certificate trust issue with Entuity Agents

Telemetry data streamed from a device appears duplicate

 

 

Certificate trust issue with Entuity Agents

If a self-signed or wildcard certificate is used on an Entuity server, the Entuity Agent might fail to register with the Entuity server, as the Java SSL implementation does not trust the certificate of the Entuity server. To address this issue, the certificate of the Entuity server must be imported into the keystore of the Entuity Agent, or a full chain certificate must be used on the server. 

Each time an Entuity Agent has an application installed or updated, the imported self-signed or wildcard certificate is removed from the Entuity Agent. This occurs after the initial installation, after registration when the Entuity Agent Updater is self-upgraded, when the Entuity Agent Collector application is installed, and after each application is upgraded. Please see the following procedures to fix this issue, depending on the type of certificate used.

 

How to trust a self-signed certificate on an Entuity Agent: 

  1. Import the self-signed certificate into the Entuity Agent Updater keystore.

    Windows:

    .\keytool -import -alias my_entuity_server -trustcacerts -file "certificate_directory_path/certificate_file_name.crt" -keystore "C:\Program Files\Entuity\Agent\agentupdater\lib\jdk\WIN32.x64\lib\security\cacerts"

    Linux:

    ./keytool -import -alias my_entuity_server -trustcacerts -file "certificate_directory_path/certificate_file_name.crt" -keystore "/opt/Entuity/agent/agentupdater/lib/jdk/LINUX.x64/lib/security/cacerts"

     

  2. Restart the Entuity Agent Updater service.

    Windows:

    sc.exe stop ParkPlaceTechAgentUpdater  
    sc.exe start ParkPlaceTechAgentUpdater

    Linux:

    systemctl restart parkplacetech-agent-updater.service

     

  3. After the Entuity Collector application is installed, import the certificate into the Entuity Collector keystore.  

    Windows:

    .\keytool -import -alias my_entuity_server -trustcacerts -file "certificate_directory_path/certificate_file_name.crt" -keystore "C:\Program Files\Entuity\Agent\collector\lib\jdk\WIN32.x64\lib\security\cacerts"

    Linux:

    ./keytool -import -alias my_entuity_server -trustcacerts -file "certificate_directory_path/certificate_file_name.crt" -keystore "/opt/Entuity/agent/collector/lib/jdk/LINUX.x64/lib/security/cacerts"

     

  4. Restart the Entuity Collector service.

    Windows:

    sc.exe stop ParkPlaceTechCollector  
    sc.exe start ParkPlaceTechCollector

    Linux:

    systemctl restart parkplacetech-collector.service

     

 

How to trust a wildcard certificate on an Entuity Agent:  

If a wildcard certificate is used on an Entuity Agent, the agent might fail to register with the Entuity server, as the Java SSL implementation does not trust the certificate that is used. However, if the Entuity server is configured with a full chain certificate, the wildcard certificate on the Entuity Agent will be trusted. If the Entuity server doesn't have a full chain certificate configured, you can construct a full chain certificate by downloading the intermediate and root certificates, and concatenating them to the leaf certificate.

  1. Open the leaf .cer file, and navigate to the Certification Path tab.

  2. Select the intermediate certificate, and click View Certificate.
    Viewing intermediate certificate

  3. Navigate to the Details tab, and click Copy to File.
    Copy the certificate
  4. Select the Base-64 encoded X.509 (.CER) radio button, and click Next.
    certificate_base64.png
  5. Save the certificate by selecting a file path and name.
  6. Repeat Steps 2-5 until all certificates are downloaded up to the root, while keeping track of the order of the leaf certificate up to the root certificate.
  7. Copy the original .cer file, and concatenate the intermediate and root certificates in reverse order, like so:
    1. leaf (the *.entuity.com .cer)
    2. intermediate .cer
    3. root .cer
      Concatenate the certificates
  8. Use this full chain certificate in Entuity.
    The full chain certificate lets the Entuity Agent connect to the Entuity server, with no extra steps required on the Entuity Agent after each agent install or update.

This issue will be fixed in Entuity v23 P01. Until then, use this workaround.

 

 

Telemetry data streamed from a device appears duplicate

If a device that is streaming telemetry data to the Entuity server is sending multiple messages within a 10-second window (or, sending 10-second samples), the messages are updated in a batch, causing the same timestamp for the data in Entuity. This makes the data appear as duplicate, even if the values are different. 

To address this issue, prevent the device telemetry samples from batching together: 

  1. Navigate to entuity_home/lib/telegraf/conf, and open the telegraf-entuity-common.conf file.

  2. Edit the telegraf-entuity-common.conf file by adding flush_interval = 1  to the [agent] section of the file.
    For example:

    [agent]
    logformat = "text" 
    logfile = 'C:\Installs\Entuity_23_0_GA\log\telegraf.log' 
    logfile_rotation_max_size = "10MB" 
    logfile_rotation_max_archives = 5
    flush_interval = 1

  3. Restart Entuity. See How do I start or stop Entuity?.

This issue will be fixed in Entuity v23.0 P01. Until then, use this workaround.

Was this article helpful?

0 out of 0 found this helpful
Return to top

Related articles

Comments

0 comments

Please sign in to leave a comment.