<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Self-signed certificate in certificate while using CLI in Getting Data In</title>
    <link>https://community.splunk.com/t5/Getting-Data-In/Self-signed-certificate-in-certificate-while-using-CLI/m-p/670429#M112419</link>
    <description>&lt;P&gt;Hi&lt;/P&gt;&lt;P&gt;have you already looked these:&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;A href="https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/AboutsecuringyourSplunkconfigurationwithSSL" target="_blank"&gt;https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/AboutsecuringyourSplunkconfigurationwithSSL&lt;/A&gt;&lt;/LI&gt;&lt;LI&gt;&lt;A href="https://conf.splunk.com/watch/conf-online.html?search.event=conf23&amp;amp;search=SEC1936B#/" target="_blank"&gt;https://conf.splunk.com/watch/conf-online.html?search.event=conf23&amp;amp;search=SEC1936B#/&lt;/A&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;r. Ismo&lt;/P&gt;</description>
    <pubDate>Fri, 01 Dec 2023 07:35:28 GMT</pubDate>
    <dc:creator>isoutamo</dc:creator>
    <dc:date>2023-12-01T07:35:28Z</dc:date>
    <item>
      <title>Self-signed certificate in certificate while using CLI</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/Self-signed-certificate-in-certificate-while-using-CLI/m-p/627086#M107666</link>
      <description>&lt;P&gt;Hi All,&lt;/P&gt;&lt;P&gt;I am trying to list all tokens via splunk http-event-collector cli and it retruned error as below:&lt;/P&gt;&lt;LI-CODE lang="markup"&gt;[centos8-1 mycerts]$ ~/splunk/bin/splunk http-event-collector list -uri https://centos8-1:8089
ERROR: certificate validation: self signed certificate in certificate chain
Cannot connect Splunk server&lt;/LI-CODE&gt;&lt;P&gt;I used openssl to try to connect to my server, it returned code 0. However, if I used the splunk openssl, it will return code 19. And from splunkd.log it said:&lt;/P&gt;&lt;LI-CODE lang="markup"&gt;01-14-2023 01:25:22.088 +0800 WARN  HttpListener [75758 HttpDedicatedIoThread-6] - Socket error from 192.168.30.128:59764 while idling: error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca - please check the output of the `openssl verify` command for the certificates involved; note that if certificate verification is enabled (requireClientCert or sslVerifyServerCert set to "true"), the CA certificate and the server certificate should not have the same Common Name.&lt;/LI-CODE&gt;&lt;P&gt;Once I commented out&amp;nbsp;cliVerifyServerName in servers.conf, the cli works but with warning as below:&lt;/P&gt;&lt;LI-CODE lang="markup"&gt;WARNING: Server Certificate Hostname Validation is disabled. Please see server.conf/[sslConfig]/cliVerifyServerName for details.&lt;/LI-CODE&gt;&lt;P&gt;May I know if I missed any configuration here? The cert is generated on my own and indeed it is self-signed one.&lt;/P&gt;</description>
      <pubDate>Fri, 13 Jan 2023 17:35:21 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/Self-signed-certificate-in-certificate-while-using-CLI/m-p/627086#M107666</guid>
      <dc:creator>dujas</dc:creator>
      <dc:date>2023-01-13T17:35:21Z</dc:date>
    </item>
    <item>
      <title>Re: Self-signed certificate in certificate while using CLI</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/Self-signed-certificate-in-certificate-while-using-CLI/m-p/670394#M112414</link>
      <description>&lt;P&gt;were you ever able to figure this out? I am facing the same issue&lt;/P&gt;</description>
      <pubDate>Thu, 30 Nov 2023 20:45:48 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/Self-signed-certificate-in-certificate-while-using-CLI/m-p/670394#M112414</guid>
      <dc:creator>himaniarora20</dc:creator>
      <dc:date>2023-11-30T20:45:48Z</dc:date>
    </item>
    <item>
      <title>Re: Self-signed certificate in certificate while using CLI</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/Self-signed-certificate-in-certificate-while-using-CLI/m-p/670429#M112419</link>
      <description>&lt;P&gt;Hi&lt;/P&gt;&lt;P&gt;have you already looked these:&lt;/P&gt;&lt;UL&gt;&lt;LI&gt;&lt;A href="https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/AboutsecuringyourSplunkconfigurationwithSSL" target="_blank"&gt;https://docs.splunk.com/Documentation/Splunk/9.1.2/Security/AboutsecuringyourSplunkconfigurationwithSSL&lt;/A&gt;&lt;/LI&gt;&lt;LI&gt;&lt;A href="https://conf.splunk.com/watch/conf-online.html?search.event=conf23&amp;amp;search=SEC1936B#/" target="_blank"&gt;https://conf.splunk.com/watch/conf-online.html?search.event=conf23&amp;amp;search=SEC1936B#/&lt;/A&gt;&lt;/LI&gt;&lt;/UL&gt;&lt;P&gt;r. Ismo&lt;/P&gt;</description>
      <pubDate>Fri, 01 Dec 2023 07:35:28 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/Self-signed-certificate-in-certificate-while-using-CLI/m-p/670429#M112419</guid>
      <dc:creator>isoutamo</dc:creator>
      <dc:date>2023-12-01T07:35:28Z</dc:date>
    </item>
  </channel>
</rss>

