https://community.splunk.com/t5/Security/Can-you-use-3rd-party-cert-for-Splunk-Web-while-using-another/m-p/334588#M8531 <P>hey iamjvn,</P> <P>You can refer the following doc:<BR /> <A href="https://conf.splunk.com/session/2015/conf2015_DWaddle_DefensePointSecurity_deploying_SplunkSSLBestPractices.pdf">https://conf.splunk.com/session/2015/conf2015_DWaddle_DefensePointSecurity_deploying_SplunkSSLBestPractices.pdf</A></P> <P><A href="https://docs.splunk.com/Documentation/Splunk/7.0.2/Security/Getthird-partycertificatesforSplunkWeb">https://docs.splunk.com/Documentation/Splunk/7.0.2/Security/Getthird-partycertificatesforSplunkWeb</A></P> <P><A href="https://docs.splunk.com/Documentation/Splunk/7.0.2/latest/SecureSplunkWebusingasignedcertificate">https://docs.splunk.com/Documentation/Splunk/7.0.2/latest/SecureSplunkWebusingasignedcertificate</A></P> <P>Let me know if this helps!!!</P> Thu, 08 Mar 2018 18:18:19 GMT deepashri_123 2018-03-08T18:18:19Z https://community.splunk.com/t5/Security/Can-you-use-3rd-party-cert-for-Splunk-Web-while-using-another/m-p/334587#M8530 <P>It seems the Splunk Web application does not allow for configuration to serve a 3rd party certs for Splunk Web 443, while using another client-side cert connecting to Splunk API 8089. Is my conclusion correct?</P> <P>I'm referring to the following 2 types of exchanges:<BR /> 1. Browser (client) to Splunk Web 443/8443 (server) - 3rd party certs with 3rd party root CA - WORKS<BR /> 2. Splunk Web (client) to Splunkd 8089 (server) - self-signed with own CA root cert - DOES NOT WORK - The 3rd party cert is provided by Splunk Web as the client-side cert, which is not what I want.</P> <P>My problem is that connection #2 does not authenticate the Splunk Web client because it seems I cannot configure it to use a different certificate for the Splunk Web client-side of the connection to Splunkd.</P> <P>server.conf:</P> <PRE><CODE>[sslConfig] serverCert=/my-own-certs/self-signed-certificate1.pem requireClientCert=true </CODE></PRE> <P>web.conf:</P> <PRE><CODE>[settings] serverCert=/provided-certs/3rd-party-certificate.pem </CODE></PRE> <P>What am I missing here?</P> Wed, 07 Mar 2018 18:28:49 GMT https://community.splunk.com/t5/Security/Can-you-use-3rd-party-cert-for-Splunk-Web-while-using-another/m-p/334587#M8530 iamjvn 2018-03-07T18:28:49Z https://community.splunk.com/t5/Security/Can-you-use-3rd-party-cert-for-Splunk-Web-while-using-another/m-p/334588#M8531 <P>hey iamjvn,</P> <P>You can refer the following doc:<BR /> <A href="https://conf.splunk.com/session/2015/conf2015_DWaddle_DefensePointSecurity_deploying_SplunkSSLBestPractices.pdf">https://conf.splunk.com/session/2015/conf2015_DWaddle_DefensePointSecurity_deploying_SplunkSSLBestPractices.pdf</A></P> <P><A href="https://docs.splunk.com/Documentation/Splunk/7.0.2/Security/Getthird-partycertificatesforSplunkWeb">https://docs.splunk.com/Documentation/Splunk/7.0.2/Security/Getthird-partycertificatesforSplunkWeb</A></P> <P><A href="https://docs.splunk.com/Documentation/Splunk/7.0.2/latest/SecureSplunkWebusingasignedcertificate">https://docs.splunk.com/Documentation/Splunk/7.0.2/latest/SecureSplunkWebusingasignedcertificate</A></P> <P>Let me know if this helps!!!</P> Thu, 08 Mar 2018 18:18:19 GMT https://community.splunk.com/t5/Security/Can-you-use-3rd-party-cert-for-Splunk-Web-while-using-another/m-p/334588#M8531 deepashri_123 2018-03-08T18:18:19Z