I used below link for the generating the key, CSR and finally configuring the certificate in Search head.
While i submitted the csr to the signing authority, i get the server certificate and CA Certificate, i converted both of them in .pem and gave the path in web.conf on search head.
But when in start splunk services, now the web services are not getting started.
On checking ServerCertificate i found SAN (Subject Alternate Name) was missing in Server Certificate. i'm suspecting while generating the CSR, might be the DNS entries did not get mention in csr.
If yes, how shall i proceed?
enableSplunkWebSSL = true
privKeyPath = /opt/splunk/etc/auth/mycerts/myServerPrivateKey.key
serverCert = /opt/splunk/etc/auth/mycerts/myservercert.pem
Does the modulus of the key, match the cert, match the CSR?
openssl x509 some.pem -noout -modulus | openssl md5 openssl rsa some.key -noout -modulus | openssl md5 openssl req some.csr -noout -modulus | openssl md5
If not, something went wrong with your process.
The modulus of the 3 is same.
I just want to know, when we get the server certificate from the third party, then SAN should be mentioned in the field or not?