How do I configure my RPM based OpenSSL environment to use the Splunk version of OpenSSL?

wildbill4 — Mon, 28 Sep 2020 14:30:37 GMT

In splunk>docs (docs.splunk.com/Documentation/Splunk/5.0.3/Security/Howtoself-signcertificates), in the second paragraph, Before you begin, we are told to "Make sure that you are using the version of OpenSSL provided with Splunk by setting your environment to the version in $SPLUNK_HOME/splunk/lib in *nix or $SPLUNK_HOME/splunk/bin in Windows."

This may be an outdated version of how-to-self-sign certificates, since it reference a non existent directory ($SPLUNK_HOME/splunk/lib). All the directions I have used to recreate self signed certificates have not worked so far. Perhaps its the version of Redhat I'm using, 2.6.18-348.3.1.el5.

The version of Redhat I am using (2.6.18-348.3.1.el5) is contained in a DoDIIS Linux Build that also has OpenSSL installed. This version contains RPM's (openssl-0.9.8e-22.el5_8.4 and openssl-devel-0.9.8e-22.el5_8.4). The openssl package contains:

rpm -qi openssl-0.9.8e-22.el5_8.4:

Name : openssl Relocations: (not relocatable)
Version : 0.9.8e Vendor: Red Hat, Inc.
Release : 22.el5_8.4 Build Date: Tue 15 May 2012 06:44:18 AM EDT
Install Date: Tue 29 Jan 2013 10:06:08 AM EST Build Host: x86-004.build.bos.redhat.com
Group : System Environment/Libraries Source RPM: openssl-0.9.8e-22.el5_8.4.src.rpm
Size : 3641279 License: BSDish
Signature : DSA/SHA1, Mon 28 May 2012 05:03:31 AM EDT, Key ID 5326810137017186
Packager : Red Hat, Inc. http://bugzilla.redhat.com/bugzilla
URL : http://www.openssl.org/
Summary : The OpenSSL toolkit
Description :
The OpenSSL toolkit provides support for secure communications between
machines. OpenSSL includes a certificate management tool and shared
libraries which provide various cryptographic algorithms and
protocols.

I am not sure how to reconfigure my version of Redhat to use the Splunk version without breaking things. Also, I am not sure that I actually need to re-configure to use the Splunk version. Perhaps this document is just out of date and an updated version is available? Either way, I am just trying to re-generate new self-signed certificates that will work with Splunk. Any help would be greatly appreciated.

Thanks

Re: How do I configure my RPM based OpenSSL environment to use the Splunk version of OpenSSL?

JohnBACSplunk — Wed, 02 Oct 2013 21:28:53 GMT

I would like to see that documentation updated. When I attempt to use Splunks openssl to create a cert the following error occurs:

openssl: error while loading shared libraries: libssl.so.0.9.8: cannot open shared object file: No such file or directory

This problem was asked in http://answers.splunk.com/answers/32462/creating-new-csr-unable-to-find-shared-library-libsslso098 and there are no answers.

Any help would be appreciated.

Re: How do I configure my RPM based OpenSSL environment to use the Splunk version of OpenSSL?

rossikwan — Thu, 23 Jan 2014 09:47:40 GMT

Got this problem too and try to use absolute path for the /usr/bin/openssl as below

/usr/bin/openssl genrsa -des3 -out mySplunkWebPrivateKey.key 2048

It's because the path "/opt/splunk/bin" in environment variable $PATH$ is located before the "/usr/bin"

topic Re: How do I configure my RPM based OpenSSL environment to use the Splunk version of OpenSSL? in Security

How do I configure my RPM based OpenSSL environment to use the Splunk version of OpenSSL?

Re: How do I configure my RPM based OpenSSL environment to use the Splunk version of OpenSSL?

Re: How do I configure my RPM based OpenSSL environment to use the Splunk version of OpenSSL?