Re: Are wildcard certificates supported with Splun...

maverick · ‎07-06-2011

wondering if Splunk https works with third-party wildcard certs.

so far I got my Splunk indexer to start using my third-party wildcard cert by changing web.conf to use the absolute path vs the relative path that the Splunk doc pages suggest, but splunk/https won't serve pages.

We have a third-party cert we use so that https://*.com is signed.

Since this can be insecure and may be hard to do, many vendors will only support certificates that go to a specific dns cname or a record, such as https://splunk.abc123.com

My web.conf is:
[settings] enableSplunkWebSSL = 1 privKeyPath = /etc/foo/certs/_.abc123.com.pem caCertPath = /etc/foo/cert.pem

Splunk Web server starts with no errors, but when I hit the login page I get:

ssl_error_no_cypher_overlap

Can anyone confirm if wildcard certs with Splunk are really supported or not?

gareth · ‎07-06-2011

I've used splunkweb with wildcard certificates before with no problems - Have you tried accessing it with openssl to see if that reveals any more specific information? Also check web_service.log to confirm that it's loaded the certificate without error

openssl s_client -connect hostname:port

Are wildcard certificates supported with Splunk and https?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

Why Splunk Customers Should Attend Cisco Live 2026 Las Vegas

Data Management Digest – May 2026

Join the Conversation