Skip to content

[DOCS-10975] add Windows steps for PL root certificates #29485

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 8 commits into from
May 22, 2025
Merged

[DOCS-10975] add Windows steps for PL root certificates #29485

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
2624b5b
add Windows steps for PL root certificates
aliciascott May 21, 2025
d8a6ce2
remove stray </a> tag
aliciascott May 21, 2025
7e27368
add standalone process
aliciascott May 21, 2025
d704f53
fixing windows command
aliciascott May 22, 2025
b3d4acb
fixing some vale stuff
aliciascott May 22, 2025
35a3f02
fixing period
aliciascott May 22, 2025
7f46c66
Apply suggestions from code review
aliciascott May 22, 2025
b8ce301
fixes from Joe's review
aliciascott May 22, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
45 changes: 44 additions & 1 deletion content/en/synthetics/platform/private_locations/_index.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -666,7 +666,50 @@ For more information about private locations parameters for admins, see [Configu

You can upload custom root certificates to your private locations to have your API and browser tests perform the SSL handshake using your own `.pem` files.

When spinning up your private location containers, mount the relevant certificate `.pem` files to `/etc/datadog/certs` in the same way you mount your private location configuration file. These certificates are considered trusted CA and are used at test runtime. **Note**: If you combine all your `.pem` files into one file, then the order in which the certificates are placed matters. It is required that the intermediate certificate precedes the root certificate to successfully establish a chain of trust.
{{< tabs >}}
{{% tab "Linux container" %}}

When spinning up your private location containers, mount the relevant certificate `.pem` files to `/etc/datadog/certs` in the same way you mount your private location configuration file. These certificates are considered trusted CA and are used at test runtime.

<div class="alert alert-info"><strong>Note</strong>: If you combine all your <code>.pem</code> files into one file, the sequence of the certificates within the file is important. It is required that the intermediate certificate precedes the root certificate to successfully establish a chain of trust.</div>

{{% /tab %}}

{{% tab "Windows service" %}}

To install root certificates for private locations on a Windows service, use the following steps:

1. Open the Registry Editor App.
2. Navigate to the entry `Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\synthetics-private-location`.
3. Create a Registry key named `Environment` with the `Multi-string` value type.

<div class="alert alert-info"><strong>Note</strong>: Your certificate needs to be in the same folder as the your Synthetic Monitoring Service:
default: <code>C:\Program Files\Datadog-Synthetics\Synthetics</code>.</div>

4. Set the value `NODE_EXTRA_CA_CERTS=C:\Program Files\Datadog-Synthetics\Synthetics\CACert.pem`

{{< img src="synthetics/private_locations/windows_pl_set_service.png" alt="Your image description" style="width:100%;" >}}

5. Open the Services App and reload the Datadog Synthetic Monitoring Private Location service.

{{% /tab %}}

{{% tab "Windows standalone" %}}

To install root certificates for private locations on a standalone Windows process with `synthetics-private-location.exe`, use the following steps:

1. Open your Windows command prompt or PowerShell.

2. Set the environment variable and call the executable.

Example:

```text
set NODE_EXTRA_CA_CERTS=C:\Program Files\Datadog-Synthetics\Synthetics\CACert.pem && .\synthetics-private-location.exe --config "C:\ProgramData\Datadog-Synthetics\Synthetics\worker-config.json"
```

{{% /tab %}}
{{< /tabs >}}

#### Set up liveness and readiness probes

Expand Down
Binary file added static/images/synthetics/private_locations/windows_pl_set_service.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Loading