Solved: Why am I now getting "SSL configuration issue: inv... - Page 2

scottrunyon · ‎10-05-2016

After upgrading from Splunk Enterprise 6.4.3 to 6.5.0, the ldapsearch in Splunk Supporting Add-on for Active Directory (2.1.3) is now getting the error - "SSL configuration issue: invalid CA public key file". Searches worked before the upgrade.

jmaple · ‎10-11-2016

This is likely due to the way that Splunk changed the SSL key-value pairs in version 6.5.0. Did you update your local server.conf and ssl.conf configurations with the new SSL stanzas?

sslRootCAPath = 
* Full path to the operating system's root CA (Certificate Authority)
  certificate store.
* The  must refer to a PEM format file containing one or more root CA
  certificates concatenated together.
* Required for Common Criteria.
* NOTE: Splunk plans to submit Splunk Enterprise for Common Criteria
  evaluation. Splunk does not support using the product in Common
  Criteria mode until it has been certified by NIAP. See the "Securing
  Splunk Enterprise" manual for information on the status of Common
  Criteria certification.
* This setting is not used on Windows.
* Default is unset.'

caCertFile = 
'* DEPRECATED; use 'sslRootCAPath' instead.
* Used only if 'sslRootCAPath' is unset.
* File name (relative to 'caPath') of the CA (Certificate Authority)
  certificate PEM format file containing one or more certificates concatenated
  together.
* Default is cacert.pem.'

View solution in original post

Why am I now getting "SSL configuration issue: invalid CA public key file" from Splunk Supporting Add-on for Active Directory after upgrading ?

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms