We are getting authorization error while calling the service from dot net or java client. It is working fine with curl command( -k option) but failing on the client side due to some certificate missing.
For curl I have noticed when we call the service without –k it fails (authorization issue).
I have tried with postman as well. It is throwing error like this “Install self-signed certificate in chrome”.
Any help is appreciated.
The issue will likely be that your .Net client is not trusting the certificate presented by Splunk(why would it? - its self signed).
The -k switch for curl essentially says "ignore all SSL errors or warnings and carry on regardless"
The bad (wrong) solution is to tell your .Net app to disregard certificate problems.
The correct solution is to install a certificate that your .Net application trusts, such as one from a public CA, or an internal CA which your enterprise trusts.
The issue will likely be that your .Net client is not trusting the certificate presented by Splunk(why would it? - its self signed).
The -k switch for curl essentially says "ignore all SSL errors or warnings and carry on regardless"
The bad (wrong) solution is to tell your .Net app to disregard certificate problems.
The correct solution is to install a certificate that your .Net application trusts, such as one from a public CA, or an internal CA which your enterprise trusts.
Detailed more in the the Securing Splunk Enterprise manual. Specifically, this section is a good place to start: http://docs.splunk.com/Documentation/Splunk/latest/Security/AboutsecuringyourSplunkconfigurationwith...
Can you confirm you are sending in the authorization header to the Splunk HEC collector? You will need to include the token in the correct format to avoid the authorization error.
Furthermore postman will not work with self-signed certificates unless you install them in Chrome (which is relatively easy to do)