Re: replace self signed certificates on Splunk for...

BastianW · ‎05-05-2014

What is the process to create SSL NON self signed certificates on the splunk forwarders?

Currently when a splunk forwarder is installed on a Windows OS it will create a self signed certificate. However we do wish that a certificate from our own Microsoft CA is used.

The best way (if possible) would be if the splunk forwarder or the splunk deployment server could connect to our Microsoft CA and request these certificates. Or must we replace all these certificates constantly on all our windows hosts (we do have more then a handfull!!).

jkat54 · ‎05-25-2016

http://docs.splunk.com/Documentation/Splunk/6.0/Security/ConfigureSplunkforwardingtousesignedcertifi...

BastianW · ‎12-21-2014

Since such a long time still no answer. So is the Splunk provided way really the one to change the certificate by hand on all affected systems? I really would prefer if this could be done via the Splunk deployment server on a automated way. This would a really big time saver as the default certificate could be replaced on all connected systems without administrator help.

replace self signed certificates on Splunk forwarder

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

What Is the Name of the USB Key Inserted by Bob Smith? (BOTS Hint, Not the Answer)

Automating Threat Operations and Threat Hunting with Recorded Future

Join the Conversation