Archive
Highlighted

Structure of server cert for serverCert in web.conf for enabling SSL for Splunk Web

Path Finder

Hi ,

I want to enable SSL for Splunk web with 3rd party certificates provisioned by my company. We have

  1. server cert
  2. server key
  3. Intermediate certs
  4. Root CA cert

all provisioned by my company. After reading the documentation of https://docs.splunk.com/Documentation/Splunk/7.3.3/Admin/Webconf, my understanding is that the server cert for web ssl should be like
[server cert]
[All Intermediate certs]
[Root CA cert]
all in one file and provide it for serverCert config.

But some of the posts below says that the serverCert cert should only have [ server cert] and not intermediates and root. I'm confused which one is correct. Please help. I'm using Splunk 7.3.3 btw.
https://answers.splunk.com/answers/508313/how-to-use-rest-api-over-port-8089-with-the-splunk-1.html
https://answers.splunk.com/answers/462626/how-do-i-secure-splunkweb-on-a-search-head-cluster.html

Tags (1)
0 Karma