Installation

Setting up SplunkWeb for splunk 6.2.0

divyamudundi
Path Finder

Hello,

I have set up splunkweb for one of our instance (splunk 6.2.0) as per http://docs.splunk.com/Documentation/Splunk/6.2.0/Security/SecureSplunkWebusingasignedcertificate .

Now when I bring up the splunkweb, it still says NotSecure when I try to access the web, and the error I see in the certificate is "the issuer of the certificate cannot be found" . And when I check the chain of the certificate I only have the leaf, whereas my .pem in caCertPath has both caroot and leaf in the certificate chain

Do I have to explicitly mention the rootca in the \system\local\web.conf?

Any inputs are appreciated. I am lost in this.

Thank you,
DIvya

Tags (1)
0 Karma

harsmarvania57
SplunkTrust
SplunkTrust

If it is self signed certificate, do you have CA & Intermediate certificate installed on your browser ??

0 Karma

divyamudundi
Path Finder

Thank you for the response harsmarvania.

I am aware of the fact that the trusted root ca needs to be installed in your trusted root's incase if the certificate is a self signed.

Here in our scenario, ours is a self signed certificate, and to have the CA Installed as a trusted root on every user OS is not possible for us. So I was looking if we can bypass this exception somehow.

Note: All users who will be accessing this web are within the org.

Thank you,
Divya

0 Karma

FrankVl
Ultra Champion

Doesn't your organization have some process for getting properly signed certs, by a CA that is trusted by all the user's OS/browser?

0 Karma

harsmarvania57
SplunkTrust
SplunkTrust

If you can't install self signed certificate in every user's OS, then you will not achieve secure connection from user's machine to splunk. In that case I'll suggest to disable HTTPS on Splunkweb.

0 Karma
Get Updates on the Splunk Community!

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...

Observability Highlights | January 2023 Newsletter

 January 2023New Product Releases Splunk Network Explorer for Infrastructure MonitoringSplunk unveils Network ...