https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423071#M12981 <P>@tesme,</P> <P>The error says that the the IP you are trying to connect is not part of the Subject Alternative Names (SAN).<BR /> SSL needs identification of the peer, otherwise your connection might be against a man-in-the-middle which decrypts + sniffs/modifies the data and then forwards them encrypted again to the real target. Identification is done with x509 certificates which need to be validated against a trusted CA and which need to identify the target you want to connect to.</P> <P>Usually the target is given as a hostname and this is checked against the subject and subject alternative names of the certificate. In this case your target is a IP. To validate the certificate successfully the IP must be given in the certificate inside the subject alternative names section, but not as an DNS entry (e.g. hostname) but instead as IP.</P> <P>You could try connecting with hostname or create new certificate pairs. If you are at a home network, probably you could disable the hostname verification from the client side or disable the ssl (not recommended though)</P> Wed, 22 Aug 2018 03:57:56 GMT renjith_nair 2018-08-22T03:57:56Z https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423070#M12980 <P>My program has a variable, a string that contains the Splunk PEM certificate. Every request that is sent to the API includes my program verifying the cert being presented by the Splunk server is the one in the application. Okay so the error message I get is that:<BR /> "Couldn't login to splunk: Post <A href="https://10.0.0.18:8089/services/auth/login:">https://10.0.0.18:8089/services/auth/login:</A> x509: cannot validate certificate for 10.0.0.18 because it doesn't contain any IP SANs"</P> <P>What am I missing here? There must be something about the Splunk architecture I am missing as related to certificates. BTW this is a FREE spunk server I am running at home.</P> Tue, 21 Aug 2018 19:48:03 GMT https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423070#M12980 tesme 2018-08-21T19:48:03Z https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423071#M12981 <P>@tesme,</P> <P>The error says that the the IP you are trying to connect is not part of the Subject Alternative Names (SAN).<BR /> SSL needs identification of the peer, otherwise your connection might be against a man-in-the-middle which decrypts + sniffs/modifies the data and then forwards them encrypted again to the real target. Identification is done with x509 certificates which need to be validated against a trusted CA and which need to identify the target you want to connect to.</P> <P>Usually the target is given as a hostname and this is checked against the subject and subject alternative names of the certificate. In this case your target is a IP. To validate the certificate successfully the IP must be given in the certificate inside the subject alternative names section, but not as an DNS entry (e.g. hostname) but instead as IP.</P> <P>You could try connecting with hostname or create new certificate pairs. If you are at a home network, probably you could disable the hostname verification from the client side or disable the ssl (not recommended though)</P> Wed, 22 Aug 2018 03:57:56 GMT https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423071#M12981 renjith_nair 2018-08-22T03:57:56Z https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423072#M12982 <P>How do you recommend adding in an IP SAN while creating a new self signed certificate in Splunk?</P> Tue, 28 Aug 2018 23:27:20 GMT https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423072#M12982 tesme 2018-08-28T23:27:20Z https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423073#M12983 <P>By the way, I am running a free splunk instance in virtual box.</P> Tue, 28 Aug 2018 23:42:38 GMT https://community.splunk.com/t5/Security/How-do-I-Embed-Splunk-SSL-cert-in-client-application/m-p/423073#M12983 tesme 2018-08-28T23:42:38Z