Hello,
I wanted to request help with how configuring correctly SSL between Universal -> Indexer.
I tried following this procedure:
https://docs.splunk.com/Documentation/Splunk/8.2.1/Security/Howtoself-signcertificates
And I ended with two public certificates:
Afterwards I prepared the certificate in the following order:
https://docs.splunk.com/Documentation/Splunk/8.2.1/Security/HowtoprepareyoursignedcertificatesforSpl...
cat myServerCertificate.pem myServerPrivateKey.key myCACertificate.pem > myNewServerCertificate.pem
This resulted with a signed server certificate with a chain of the authority.
I am struggling with understating what exactly goes where and in case I understand it, how do I add one more cert to another server?..
My mind says, Indexer has to have the private key -> (Not sure whether the authorities key, or the server key or the chain).
And what the forwarder needs to have is -> only public key. (Not sure what)
Summary of what I have running the whole commands:
myCAPrivateKey.key
myCACertificate.csr
myCACertificate.pem
myServerPrivateKey.key
myServerCertificate.csr
myServerCertificate.pem
myNewServerCertificate.pem
Appreciate your help.
May I suggest using https://github.com/OpenVPN/easy-rsa?
The concept is like so:
- you generate a keypair for the client (SUF)
- you generate a keypair for the server (receiver, indexer etc.)
- the client and server each have the same CA cert
So three files on the server and three files on the client in a single file.
This is the simplest setup.