- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Cisco Nexus 9k Add-on for Splunk Enterprise: Where does the nxapi/switch self-signed cert need to be placed?
Versus opening a ticket with Cisco, I was hoping to see if the community could point me in the correct direction. I'm not particularly skilled but have tried some of the various options that were similar to my problem but with no luck.
Splunk version=8.2.3
OS=RHEL 8
Plugin=Cisco Nexus 9k Add-on for Splunk Enterprise from splunkbase.
I can get the plugin to connect using http as the connection method. I'm trying to get the https method to work. I can curl to the switch in question using the cert I generated
(openssl req -x509 -newkey rsa:4096 -keyout hostkey.pem -out hostcert.pem -sha256 -days 30 -nodes -subj "/C=US.../CN=host") then imported to the switch.
( curl --verbose --cacert hostcert.pem https://host)
So at this point I'm confident that the cert and key are installed correctly on the switch and working as expected.
The error I'm receiving (truncated):
Caused by SSLError(SSLCertVerificationError [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate
My guess is that I need to install the certificate somewhere within the /opt/splunk/etc/auth directory , but I'm not sure. I saw some posts that said add to this file or copy into directory, but I can't find the one that works.
Any insight is appreciated.
Thanks
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I haven't specifically worked on this Add-on but just adding a cert somewhere won't be enough. You'll need to refer to it in a conf file. I'd start by looking at the app doc (if any) or the code to see if it mentions what config file to use.
