All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Cisco Nexus 9k Add-on for Splunk Enterprise: Where does the nxapi/switch self-signed cert need to be placed?

jac_questions
New Member
‎11-06-2023 06:23 AM

Versus opening a ticket with Cisco, I was hoping to see if the community could point me in the correct direction. I'm not particularly skilled but have tried some of the various options that were similar to my problem but with no luck.

Splunk version=8.2.3

OS=RHEL 8

Plugin=Cisco Nexus 9k Add-on for Splunk Enterprise from splunkbase.

I can get the plugin to connect using http as the connection method. I'm trying to get the https method to work. I can curl to the switch in question using the cert I generated

(openssl req -x509 -newkey rsa:4096 -keyout hostkey.pem -out hostcert.pem -sha256 -days 30 -nodes -subj "/C=US.../CN=host") then imported to the switch.

( curl --verbose --cacert hostcert.pem https://host)

So at this point I'm confident that the cert and key are installed correctly on the switch and working as expected.

The error I'm receiving (truncated):

Caused by SSLError(SSLCertVerificationError [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate

My guess is that I need to install the certificate somewhere within the /opt/splunk/etc/auth directory , but I'm not sure. I saw some posts that said add to this file or copy into directory, but I can't find the one that works.

Any insight is appreciated.

Thanks

Labels (3)
0 Karma
Reply

shahzadarif
Path Finder
‎11-06-2023 08:23 AM

I haven't specifically worked on this Add-on but just adding a cert somewhere won't be enough. You'll need to refer to it in a conf file. I'd start by looking at the app doc (if any) or the code to see if it mentions what config file to use.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Register for .conf25!
Get Updates on the Splunk Community!

.conf25 Global Broadcast: Don’t Miss a Moment

Hello Splunkers, .conf25 is only a click away.  Not able to make it to .conf25 in person? No worries, you can ...

Observe and Secure All Apps with Splunk

 Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

What's New in Splunk Observability - August 2025

What's New We are excited to announce the latest enhancements to Splunk Observability Cloud as well as what is ...