https://community.splunk.com/t5/Security/Configure-Splunk-forwarding-to-use-your-own-certificates/m-p/439564#M10289 <P>Hi,</P> <P>I'm trying to configure Splunk forwarders and indexers to use our own certificates and while checking the documentation (<A href="https://docs.splunk.com/Documentation/Splunk/7.2.6/Security/ConfigureSplunkforwardingtousesignedcertificates">https://docs.splunk.com/Documentation/Splunk/7.2.6/Security/ConfigureSplunkforwardingtousesignedcertificates</A>) I've seen the following:</P> <PRE><CODE>**Configure your forwarders to use your certificates** ... [tcpout:group1] server=10.1.1.197:9997 disabled = 0 clientCert = &lt;path&gt; The full path to the client SSL certificate in PEM format. If this value is provided, the connection will use SSL. useClientSSLCompression = &lt;true&gt; Disabling tls compression can cause bandwidth issues. **sslPassword = The password for the CAcert** </CODE></PRE> <P>I don't understand how can the CAcert password needed as this is a private password. <BR /> Is this correct? Is the documentation okay? Could someone explain the reason for this?</P> <P>Thanks.</P> Mon, 06 May 2019 10:45:32 GMT jorcabro 2019-05-06T10:45:32Z https://community.splunk.com/t5/Security/Configure-Splunk-forwarding-to-use-your-own-certificates/m-p/439564#M10289 <P>Hi,</P> <P>I'm trying to configure Splunk forwarders and indexers to use our own certificates and while checking the documentation (<A href="https://docs.splunk.com/Documentation/Splunk/7.2.6/Security/ConfigureSplunkforwardingtousesignedcertificates">https://docs.splunk.com/Documentation/Splunk/7.2.6/Security/ConfigureSplunkforwardingtousesignedcertificates</A>) I've seen the following:</P> <PRE><CODE>**Configure your forwarders to use your certificates** ... [tcpout:group1] server=10.1.1.197:9997 disabled = 0 clientCert = &lt;path&gt; The full path to the client SSL certificate in PEM format. If this value is provided, the connection will use SSL. useClientSSLCompression = &lt;true&gt; Disabling tls compression can cause bandwidth issues. **sslPassword = The password for the CAcert** </CODE></PRE> <P>I don't understand how can the CAcert password needed as this is a private password. <BR /> Is this correct? Is the documentation okay? Could someone explain the reason for this?</P> <P>Thanks.</P> Mon, 06 May 2019 10:45:32 GMT https://community.splunk.com/t5/Security/Configure-Splunk-forwarding-to-use-your-own-certificates/m-p/439564#M10289 jorcabro 2019-05-06T10:45:32Z https://community.splunk.com/t5/Security/Configure-Splunk-forwarding-to-use-your-own-certificates/m-p/439565#M10290 <P>Passwords keep private certificates private.</P> Mon, 06 May 2019 15:25:52 GMT https://community.splunk.com/t5/Security/Configure-Splunk-forwarding-to-use-your-own-certificates/m-p/439565#M10290 richgalloway 2019-05-06T15:25:52Z https://community.splunk.com/t5/Security/Configure-Splunk-forwarding-to-use-your-own-certificates/m-p/439566#M10291 <P>The documentation has been updated and the error has been fixed.</P> <PRE><CODE>[tcpout:group1] server=10.1.1.197:9997 disabled = 0 clientCert = &lt;The full path to the client SSL certificate, in PEM format. If this value is provided, the connection will use SSL.&gt; useClientSSLCompression = true (Disabling TLS compression can cause bandwidth issues.) sslPassword = &lt;password for the client certificate&gt; </CODE></PRE> Tue, 22 Oct 2019 15:21:48 GMT https://community.splunk.com/t5/Security/Configure-Splunk-forwarding-to-use-your-own-certificates/m-p/439566#M10291 jorcabro 2019-10-22T15:21:48Z