Creating and installing TLS Certificates on Window...

tringener · ‎08-07-2024

I am new to Splunk and I have been tasked to setup management and data traffic to use SSL certificates. A colleague installed Splunk 9.2.1 on Windows 2022 server on a separate application drive. A document I found on the Splunk documents site "How to obtain certificates from a third-party for inter-Splunk communication". The commands use environment variables that are not setup on my server.

Questions:

1. Where these variables supposed to be added during the install?

2. If not which variables do I need to add and where do I add them (user or system) variables?

3. Is there a major difference in configuration if Splunk is installed to an application drive not the O/S drive?

4. In generating the privatekey.key file is it supposed to be saved in the same folder as the servercertificate.csr?

Tom_Lundie · ‎08-08-2024

The %SPLUNK_HOME% variable that you noted in this documentation is not defined outside of the Splunk process by default.

%SPLUNK_HOME% refers to the Splunk installation folder on Windows. Typically:

C:\Program Files\Splunk

You can run all of those commands as the user running Splunk by either setting the environment variable or replacing it manually first. To permanently set the environment variable you can use:

setx SPLUNK_HOME "C:\Program Files\Splunk"

Creating and installing TLS Certificates on Windows 2022 Server

other

Windows

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?