SSL Installation + KV Store error

chaitali_1994 · ‎03-27-2021

I have a distributed environment where the Splunk instances are clustered and the version I am using is 6.6.3. The server certificates are expired and there is no SSL communication enabled between Splunk servers. I have few queries:

1. How to enable the SSL communication?

2. How expired server certs are going to impact my Splunk environment?

3. How to know from the existing configurations, if there is any SSL communication between Splunk instances?

4. How can I resolve this error:

a. KV store changed its status to failed. KV store process terminated.

b. Failed to start KV store process. See mongod.log and splunkd.log for details.

c. KV store process terminated abnormally(exit code 14, status exited with code 14)

aasabatini · ‎03-29-2021

Hi @chaitali_1994

as for certificates, you should upgrade splunk versions to be able to use unexpired certificates

how to use certificates you can follow this link:

https://docs.splunk.com/Documentation/Splunk/8.1.3/Security/ConfigureSplunkforwardingtousethedefault...

and for your kvstore error I suggest to backup and resync your collection.

https://docs.splunk.com/Documentation/Splunk/8.0.1/Admin/BackupKVstore

karma point or solution confirmation is appreciated

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”

SSL Installation + KV Store error

splunkd

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Join the Conversation

SSL Installation + KV Store error

splunkd

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+