<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Splunk SSL Question in Getting Data In</title>
    <link>https://community.splunk.com/t5/Getting-Data-In/Splunk-SSL-Question/m-p/261104#M50089</link>
    <description>&lt;P&gt;Splunk doesn't use a trust store (java style), but you can instruct Splunk where to find a rootCA from a 3rd party.&lt;/P&gt;

&lt;P&gt;outputs.conf:&lt;BR /&gt;
sslRootCAPath = &lt;/P&gt;</description>
    <pubDate>Sun, 27 Mar 2016 03:08:41 GMT</pubDate>
    <dc:creator>davidpaper</dc:creator>
    <dc:date>2016-03-27T03:08:41Z</dc:date>
    <item>
      <title>Splunk SSL Question</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/Splunk-SSL-Question/m-p/261103#M50088</link>
      <description>&lt;P&gt;So I have a Splunk environment signed by a 3rd party CA. However, the forwarders are using self-signed certificates because it's in a testing environment. WHen I try to send data from forwarder to indexer, I'm getting errors saying it can't verify certificate. I'm guessing it's because it is signed by a different root CA and the 3rd party won't accept it. &lt;/P&gt;

&lt;P&gt;Is there any way to add the self signed root CA to a trust store or anything? Or do they have to be all signed by the same 3rd party CA?&lt;/P&gt;</description>
      <pubDate>Thu, 24 Mar 2016 14:04:49 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/Splunk-SSL-Question/m-p/261103#M50088</guid>
      <dc:creator>chadwagonerKGI</dc:creator>
      <dc:date>2016-03-24T14:04:49Z</dc:date>
    </item>
    <item>
      <title>Re: Splunk SSL Question</title>
      <link>https://community.splunk.com/t5/Getting-Data-In/Splunk-SSL-Question/m-p/261104#M50089</link>
      <description>&lt;P&gt;Splunk doesn't use a trust store (java style), but you can instruct Splunk where to find a rootCA from a 3rd party.&lt;/P&gt;

&lt;P&gt;outputs.conf:&lt;BR /&gt;
sslRootCAPath = &lt;/P&gt;</description>
      <pubDate>Sun, 27 Mar 2016 03:08:41 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Getting-Data-In/Splunk-SSL-Question/m-p/261104#M50089</guid>
      <dc:creator>davidpaper</dc:creator>
      <dc:date>2016-03-27T03:08:41Z</dc:date>
    </item>
  </channel>
</rss>

