After instrumentation is complete, check the following aspects regarding communication with OneAgent.
If your Android app has network security configured, ensure that the HTTP traffic to the beaconUrl
endpoint is not blocked by the network security configuration.
Ensure that the GET and POST requests to the beaconUrl
endpoint are not blocked by a firewall.
For HTTPS communication, OneAgent verifies the server certificate and the hostname. OneAgent communication fails if the verification steps aren't completed.
If your Cluster ActiveGate doesn't have a certificate issued by a trusted intermediate or root Certificate Authority (CA), provide the server certificate for SSL communication in the Network Security Configuration file (for Android API level 24+).
To use the Network Security Configuration feature, add a domain-config
section to your network_security_config.xml
file.
<domain-config><domain includeSubdomains="true">your.domain.com</domain><trust-anchors><certificates src="@raw/your_server_certificate" /></trust-anchors></domain-config>
deprecated
If you need to provide a server certificate for apps with Android API level 23 and earlier, include the certificate in a KeyStore
object and provide this object to OneAgent by performing a manual startup via the DynatraceConfigurationBuilder
API. The KeyStore
object must hold the certificate chain of the Cluster ActiveGate to which you want to connect.
This option was deprecated with OneAgent SDK for Android version 8.257. From this version, only use the KeyStore
configuration for older Android versions.
If you use both the Network Security Configuration feature and the KeyStore
configuration, the latter takes precedence.
deprecated
You can also deactivate certificate validation. However, use this option with caution and not in the production code. Otherwise, deactivating the certificate validation might dismantle the connection authenticity. Also, note that the hostname verification cannot be deactivated.
This option was deprecated with OneAgent SDK for Android version 8.257.
You can deactivate the certificate validation via the certificateValidation
property.
You can also deactivate the certificate validation with the ConfigurationBuilder.withCertificateValidation(boolean)
method.
To use certificate pinning, follow the instructions provided by Android at Network security configuration > Pin certificates.
If HTTP requests of OneAgent don't fulfill the security requirements of your server infrastructure, you can modify the HTTP headers of OneAgent with the Dynatrace.setBeaconHeaders(Map<String, String>)
method. This feature allows you to add an Authorization
header to the HTTP requests and immediately reconnect to the Cluster ActiveGate when the token has expired.
To delete the old headers, call Dynatrace.setBeaconHeaders(null)
.
When the authorization information is already available at the app start, call the Dynatrace.setBeaconHeaders
method before the starting up Dynatrace.startup
method. Every HTTP request of the OneAgent will then have the correct headers.
If the authorization information is not available at the app start, call the Dynatrace.setBeaconHeaders
method when the information is available. The startup Dynatrace.startup
method should still be called in the Application.onCreate
method to track the correct start time. OneAgent will be automatically deactivated when the server sends an invalid status code response. The Dynatrace.setBeaconHeaders
method will activate OneAgent and will immediately reconnect to the Cluster ActiveGate.
If you use an authorization procedure, which requires you to regularly update a token, then you should add a CommunicationProblemListener
. The listener must be added via the DynatraceConfigurationBuilder
in the Dynatrace.startup
method.
When you use a CommunicationProblemListener
, OneAgent communication behavior is slightly different from the normal behavior. If the Cluster ActiveGate reacts with an invalid status code, like 403 Forbidden
, OneAgent won't reconnect to the server. Instead, OneAgent will wait until you have specified the correct headers with the method Dynatrace.setBeaconHeaders
. In this case, OneAgent will notify the CommunicationProblemListener
asynchronously in a background thread via the onFailure(int, String, String)
interface method. The following code snippet shows a sample implementation for the CommunicationProblemListener
interface:
The interface method onError(Throwable)
is asynchronously called when a communication problem occurs, such as a connection timeout or an SSL handshake error. In this case, OneAgent waits for a certain time and then reconnects to the Cluster ActiveGate. Normally you don't have to react on this callback method.
For efficiency, Dynatrace does not accept monitoring data older than 10 minutes. If the app is not connected to the internet for a longer period, OneAgent discards the old monitoring data and stops monitoring the app until the device establishes a new network connection.