openssl.exe gendh -out "c:\program files\splunk\etc\auth\splunkweb\DH_2048.pem" 2048

tlam_splunk · ‎04-28-2017

Setup the web.conf using dhFile at 2048 encryption

web.conf
dhFile = $SPLUNK_HOME\etc\auth\splunkweb\DH2048.pem

Here is the command to generate the key

openssl.exe gendh -out "c:\program files\splunk\etc\auth\splunkweb\DH_2048.pem" 2048

After set it up, splunk web will not start without any error in the log file.

tlam_splunk · ‎04-28-2017

Have to add the double quote for the parameter value in dhFile

dhFile = "$SPLUNK_HOME\etc\auth\splunkweb\DH2048.pem"

jcrabb_splunk · ‎06-28-2017

Just an additional comment, if one wishes to utilize the dhFile setting in server.conf, on a windows host, Splunk may not start unless there are quotes (" ") around the setting. I added that to another post as well:

https://answers.splunk.com/answers/525172/why-am-i-unable-to-use-dhfile-and-2048-encryption.html?chi...

Jacob
Sr. Technical Support Engineer

DimasSouza · ‎09-29-2017

Maybe it could be inserted as known issue or a bug?

web.conf not working for dhfile in 2048 encryption

openssl.exe gendh -out "c:\program files\splunk\etc\auth\splunkweb\DH_2048.pem" 2048

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

Are you a member of the Splunk Community?

web.conf not working for dhfile in 2048 encryption

openssl.exe gendh -out "c:\program files\splunk\etc\auth\splunkweb\DH_2048.pem" 2048

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

Splunk Observability for AI

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler