I want to add a secondary web interface listener, i.e., something outside of port 8000. The ultimate goal is to then add SSL to this secondary listener and update various internal documentation to point to this new port (after I have SSL running on it). I don't want to immediately add SSL to the existing port (8000).
Anyway, everything I've found seems to talk about adding a listener for the purpose of pumping data into Splunk, which isn't what I want. I want the web interface on a secondary TCP port.
Splunk web only supports SSL on or SSL off and supports changing the web port, but there is no option to have port 1 SSL off, port 2 SSL on.
You could put something in front of Splunk, like a load balancer. The LB port can be non-SSL. Then when you are ready, you can create an second port on the LB that points to the same back-end port, but has SSL encryption turned on, terminating at the LB.