How to complete Certs definitions in config?

PickleRick · ‎04-19-2022

I'm trying to do my own "poor man's certificate check" 😉

Ideally I'd like to pick up from the config (btool output) the paths to certs so I could check them with openssl CLI tool. I don't want to do any python modular input stuff for that since I want it to run as a simple script on any machine with UF. The question therefore is where should I get my certs from.

serverCert, RootCA, clientCert, sslRootCAPath entries in inputs.conf, outputs.conf, servers.conf, deploymentclients.conf (of course they don't have to be defined in each file). For now I assume the "new" configuration format with a single pem.

Any files that I forgot? Any more entries I missed? 🙂

isoutamo · ‎04-21-2022

At least authentication.conf and web.conf have some cert definitions over those which you already listed.

In some weird situation also /opt/splunk/splunk/etc/openldap/ldap.conf can have uncommented entries for those?

r. Ismo

PickleRick · ‎04-21-2022

web.conf - sure; don't know how I omitted it.

authentication/ldap - you're right. I forgot about external authentication. I mostly use local accounts but of course makes sense.

How to complete Certs definitions in config?

other

Get ready to show some Splunk Certification swagger at .conf24!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Database Performance Sidebar Panel Now on APM Database Query Performance & Service ...