https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/623062#M10859 <P>The documentation in version 9.0 and up is no longer asking to remove the password from the private key prior generating a CSR file.</P><P>Compare this documentation...</P><P><A href="https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Getthird-partycertificatesforSplunkWeb" target="_blank" rel="noopener">https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Getthird-partycertificatesforSplunkWeb</A></P><P>vs.</P><P>This one...</P><P><A href="https://docs.splunk.com/Documentation/Splunk/8.2.9/Security/Getthird-partycertificatesforSplunkWeb" target="_blank" rel="noopener">https://docs.splunk.com/Documentation/Splunk/8.2.9/Security/Getthird-partycertificatesforSplunkWeb</A></P><P>That says:</P><P><EM>Remove the password from the private key. You must do this because Splunk Web does not support private key passwords.</EM></P><P>In my case...</P><P>I am using Splunk version 9.0.2 and my private key (.key file) has password. I use it on web conf under <EM>sslPassword</EM></P> Fri, 02 Dec 2022 19:01:46 GMT osmanysr 2022-12-02T19:01:46Z https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/408732#M7074 <P>From the latest document,</P> <P><A href="http://docs.splunk.com/Documentation/Splunk/latest/Security/Self-signcertificatesforSplunkWeb">http://docs.splunk.com/Documentation/Splunk/latest/Security/Self-signcertificatesforSplunkWeb</A></P> <P>It stated that</P> <PRE><CODE>Remove the password from your key. (Splunk Web does not support password-protected private keys.) </CODE></PRE> <P>However, from the web.conf page (starting from 6.6.0),</P> <P><A href="http://docs.splunk.com/Documentation/Splunk/latest/Admin/Webconf">http://docs.splunk.com/Documentation/Splunk/latest/Admin/Webconf</A></P> <P>It stated that</P> <PRE><CODE>sslPassword = &lt;password&gt; * Password protecting the private key specified by 'privKeyPath'. * Optional. Defaults to unencrypted private key. * If encrypted private key is used, do not enable client-authentication on splunkd server. In [sslConfig] stanza of server.conf, 'requireClientCert' must be 'false'. </CODE></PRE> <P>The 2 parameter seem contradict to each others. Any idea why?</P> Fri, 18 Jan 2019 08:12:36 GMT https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/408732#M7074 daniel_splunk 2019-01-18T08:12:36Z https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/408733#M7075 <P>I would suggest to follow our older version practise not to set password to protect the web private key. </P> <P>If password-protected private key is really needed in web.conf, don't set requireClientCert to true (default value is false) in server.conf</P> Fri, 18 Jan 2019 08:15:24 GMT https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/408733#M7075 daniel_splunk 2019-01-18T08:15:24Z https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/622549#M10850 <P>It certainly works with passwords in version 9</P> Wed, 30 Nov 2022 05:29:26 GMT https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/622549#M10850 jeremyhagand61 2022-11-30T05:29:26Z https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/623062#M10859 <P>The documentation in version 9.0 and up is no longer asking to remove the password from the private key prior generating a CSR file.</P><P>Compare this documentation...</P><P><A href="https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Getthird-partycertificatesforSplunkWeb" target="_blank" rel="noopener">https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/Getthird-partycertificatesforSplunkWeb</A></P><P>vs.</P><P>This one...</P><P><A href="https://docs.splunk.com/Documentation/Splunk/8.2.9/Security/Getthird-partycertificatesforSplunkWeb" target="_blank" rel="noopener">https://docs.splunk.com/Documentation/Splunk/8.2.9/Security/Getthird-partycertificatesforSplunkWeb</A></P><P>That says:</P><P><EM>Remove the password from the private key. You must do this because Splunk Web does not support private key passwords.</EM></P><P>In my case...</P><P>I am using Splunk version 9.0.2 and my private key (.key file) has password. I use it on web conf under <EM>sslPassword</EM></P> Fri, 02 Dec 2022 19:01:46 GMT https://community.splunk.com/t5/Splunk-Dev/Splunk-Web-support-password-protected-private-keys-or-not/m-p/623062#M10859 osmanysr 2022-12-02T19:01:46Z