Home
Installation, Deployment, and Upgrade
Installing Unica Discover involves planning and preparing your environment, installing and configuring prerequisite software, obtaining the Unica Discover installation files, and running the Unica Discover installer.
Discover Network Capture Application Manual
SSL Keys
For decrypting transmissions by using the SSL protocol, the Unica Discover Network Capture Application must be provided the SSL keys in use in the transaction stream.
Generating a Self-Signed Certificate
To generate a self-signed certificate, you must use the openssl utility to generate a private key and a self-signed certificate for that key.
Using SHA-2 algorithm to generate the self-signed certificate
By default, the openssl command uses the SHA-1 algorithm to generate the self-signed certificate on the DNCA.

Installation, Deployment, and Upgrade
Installing Unica Discover involves planning and preparing your environment, installing and configuring prerequisite software, obtaining the Unica Discover installation files, and running the Unica Discover installer.
- Installation and Deployment Manual
- Discover Network Capture Application Manual
  - Discover Network Capture Application Overview
    Network Capture Application from Discover captures and records the complete interaction between the visitor and the web application environment by using a network tap or network switch spanning port. The Network Capture Application software features the following benefits:
  - Installing the Network Capture Application
    The following instructions can be used to assist the installation of your Network Capture Application software.
  - Configuring the DNCA
    The Unica Discover Network Capture Application can be configured through a web-based console or through the configuration files that are stored on the DNCA server. The following information guides you on how to configure the DNCA.
  - Upgrade for DNCA
    It is recommended that you always use the latest version of the Unica Discover Network Capture Application suitable for your version of Unica Discover.
  - Packet Forwarder Overview
    The Packet Forwarder is used to capture and forward hits to a cloud-based DNCA that is operating on a virtual machine.
  - SSL Keys
    For decrypting transmissions by using the SSL protocol, the Unica Discover Network Capture Application must be provided the SSL keys in use in the transaction stream.
    - Encrypted SSL Key Setup
      To decrypt SSL connections, customers must provide the DNCA software with their valid SSL keys.
    - Exporting the SSL private key
      In cases where web application traffic is transmitted over HTTPS, the DNCA software must be configured to decrypt the SSL connections. This configuration requires exporting a copy of the private key from an existing web server to the DNCA software.
    - Generating a Self-Signed Certificate
      To generate a self-signed certificate, you must use the openssl utility to generate a private key and a self-signed certificate for that key.
      - Using SHA-2 algorithm to generate the self-signed certificate
        By default, the openssl command uses the SHA-1 algorithm to generate the self-signed certificate on the DNCA.
  - Performance Measurement
    Performance measurement provides details on the Network Capture software performance and timestamp measurements.
  - Configuring DNCA on Red Hat Enterprise Linux™ (RHEL)
    The following sections contain important information for configuring DNCA in a Red Hat Enterprise Linux™ environment:
  - DNCA monitoring
    You can monitor the passive capturing to diagnose performance issues.
  - Overview of DNCA maintenance
    The maintenance utility performs routine maintenance and logging tasks for Discover DNCA. You can use the utility to help maintain the ability of the DNCA to perform DNCA.
  - DNCA frequently asked questions (FAQ)
    The following content contains frequently asked questions or scenarios that can be used to help isolate or fix an issue with your Network Capture Application.
  - Downloading Privacy Configuration
  - Enabling web console access through a single IP address
    You can specify a single IP address which can access the web console. Limiting access to a single IP address helps to prevent unauthorized access through an unknown system.
  - Applying authentication when accessing the web console
    You can improve security by enabling authentication to the web console.
- Unica Discover Session Archiving Installation Guide
  As you prepare for an installation, you need to gather some items, review hardware and software requirements, and then you can perform the installation.
- Discover Upgrade Manual

Using SHA-2 algorithm to generate the self-signed certificate

By default, the openssl command uses the SHA-1 algorithm to generate the self-signed certificate on the DNCA.

Optionally, you can use SHA-2 for the digital signature hash by adding the -sha256 option, as in the following command:


/usr/local/dncauser/bin/openssl req -x509 -sha256 -days 365 -newkey rsa:2048 \
  -key example.key -out example.crt

You can generate the SHA-2 key on another Linux™ system. To determine whether it is possible, run the following command in a non-DNCA environment:


openssl dgst ?h

The following line can be displayed in the generated output:


-sha256         to use the sha256 message digest algorithm

If the previous command is displayed, then the Linux™ installation accepts the SHA-2 option. You can run the following command without providing the DNCA-specific path:


openssl req -x509 -sha256 -days 365 -newkey rsa:2048 -key example.key -out \
  example.crt

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.