Getting Data In
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

How do I set the SSL cert for the management port (8089)?

wohali
Engager
‎07-25-2012 01:43 PM

Like the question says, I'd like to build some REST clients using Splunk (4.3.2, 4.3.3) that will not be running on the same host as Splunk. I'd like those clients to certify the certificate of the host.

My Splunk server has certs installed and access to the main web interface over https raises no browser warnings. However, all access to port 8089 shows the Splunk self-signed certificate is being used, and requires I disable cert checking (curl -k).

I found no settings in web.conf that address this.

How do I set the certificate for splunkd's management port?

Reply
1 Solution
Solved! Jump to solution
Solution

jrodman
Splunk Employee
Splunk Employee
‎07-25-2012 03:26 PM

Our general documentation on setting up SSL certs for splunkd activities is here:
http://docs.splunk.com/Documentation/Splunk/latest/Admin/SecureaccesstoyourSplunkserverwithSSL

Note that there are of course multiple protocols for which you can use a cert with Splunkd: the management port which is https, and forwarding which is a streaming ssl socket of data.

[edit] as of Splunk version 5.0, there is a new Securing Splunk manual, and the above link will not work:
http://docs.splunk.com/Documentation/Splunk/latest/Security/AboutsecuringyourSplunkconfigurationwith...

View solution in original post

Reply
Solved! Jump to solution
Solution

jrodman
Splunk Employee
Splunk Employee
‎07-25-2012 03:26 PM

Our general documentation on setting up SSL certs for splunkd activities is here:
http://docs.splunk.com/Documentation/Splunk/latest/Admin/SecureaccesstoyourSplunkserverwithSSL

Note that there are of course multiple protocols for which you can use a cert with Splunkd: the management port which is https, and forwarding which is a streaming ssl socket of data.

[edit] as of Splunk version 5.0, there is a new Securing Splunk manual, and the above link will not work:
http://docs.splunk.com/Documentation/Splunk/latest/Security/AboutsecuringyourSplunkconfigurationwith...

Reply
Solved! Jump to solution

jrodman
Splunk Employee
Splunk Employee
‎07-25-2012 04:17 PM

I agree with your judgement.

Reply
Solved! Jump to solution

wohali
Engager
‎07-25-2012 04:05 PM

Thanks! It's extra confusing that you set the port for splunkd in web.conf, but you set the certificate for splunkd in server.conf. These settings should be together!

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas     Cisco Live 2026 is almost here, and this ...

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Hello Splunkers,   So you searched, “what is the name of the usb key inserted by bob smith?”  Not gonna lie… ...

Automating Threat Operations and Threat Hunting with Recorded Future

    Automating Threat Operations and Threat Hunting with Recorded Future June 29, 2026 | Register   Is your ...