Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How do I set the SSL cert for the management port (8089)?

wohali
Engager
‎07-25-2012 01:43 PM

Like the question says, I'd like to build some REST clients using Splunk (4.3.2, 4.3.3) that will not be running on the same host as Splunk. I'd like those clients to certify the certificate of the host.

My Splunk server has certs installed and access to the main web interface over https raises no browser warnings. However, all access to port 8089 shows the Splunk self-signed certificate is being used, and requires I disable cert checking (curl -k).

I found no settings in web.conf that address this.

How do I set the certificate for splunkd's management port?

Reply
1 Solution
Solved! Jump to solution
Solution

jrodman
Splunk Employee
Splunk Employee
‎07-25-2012 03:26 PM

Our general documentation on setting up SSL certs for splunkd activities is here:
http://docs.splunk.com/Documentation/Splunk/latest/Admin/SecureaccesstoyourSplunkserverwithSSL

Note that there are of course multiple protocols for which you can use a cert with Splunkd: the management port which is https, and forwarding which is a streaming ssl socket of data.

[edit] as of Splunk version 5.0, there is a new Securing Splunk manual, and the above link will not work:
http://docs.splunk.com/Documentation/Splunk/latest/Security/AboutsecuringyourSplunkconfigurationwith...

View solution in original post

Reply
Solved! Jump to solution
Solution

jrodman
Splunk Employee
Splunk Employee
‎07-25-2012 03:26 PM

Our general documentation on setting up SSL certs for splunkd activities is here:
http://docs.splunk.com/Documentation/Splunk/latest/Admin/SecureaccesstoyourSplunkserverwithSSL

Note that there are of course multiple protocols for which you can use a cert with Splunkd: the management port which is https, and forwarding which is a streaming ssl socket of data.

[edit] as of Splunk version 5.0, there is a new Securing Splunk manual, and the above link will not work:
http://docs.splunk.com/Documentation/Splunk/latest/Security/AboutsecuringyourSplunkconfigurationwith...

Reply
Solved! Jump to solution

jrodman
Splunk Employee
Splunk Employee
‎07-25-2012 04:17 PM

I agree with your judgement.

Reply
Solved! Jump to solution

wohali
Engager
‎07-25-2012 04:05 PM

Thanks! It's extra confusing that you set the port for splunkd in web.conf, but you set the certificate for splunkd in server.conf. These settings should be together!

Reply
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...