Re: splunk NICs with different FQDN

human96 · ‎02-13-2022

In your environment, one Splunk server has two NICs, each There is a different FQDN. In this case, is it possible to set the certificate and private key for both NICs?

human96 · ‎02-13-2022

If you can, please tell me how to set it.

PickleRick · ‎02-14-2022

You need to generate a CSR with multiple DNS names as SAN. The way to do this varies depending on what tool you're using. Then you have to give this CSR to your CA guys which will generate proper certificate with many names. If you're using openssl suite for this - google for the multiple SANs CSR generation - there are plenty solutions described on the internet.

Of course when you get your cert, you have to conifgure your splunk instance using those certs as the docs say. https://docs.splunk.com/Documentation/Splunk/8.2.4/Security/AboutsecuringyourSplunkconfigurationwith...

PickleRick · ‎02-13-2022

Private key has nothing to do with what it's used for.

And yes - the certificate can be used for multiple names. It's called "SANs" - Subject Alternative Names.

Is it possible to set the certificate and private key for NICs with different FQDN?

heavy forwarder

inputs.conf

universal forwarder

Get Early Access to AI Playbook Authoring: Apply for the Alpha Private Preview ...

Reduce and Transform Your Firewall Data with Splunk Data Management

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

Are you a member of the Splunk Community?