Can I resolve these LetsEncrypt Server Cert CA issues?

New Member


I have a Splunk forwarder forwarding logs to a Splunk Server, and the SplunkServer is using a LetsEncrypt CA cert. I have tried a couple of directives but they dont see to work.

Here are my configs:




useACK = true 
indexAndForward = false 
defaultGroup = splunkssl 
forwardedindex.0.whitelist = modsec 

compressed = true 
server = 
clientCert = /opt/splunkforwarder/etc/certs/client.pem 

#sslRootCAPath = /opt/splunkforwarder/etc/certs/cacert.pem 
sslRootCAPath = /opt/splunkforwarder/etc/certs/letsencryptca.pem sslVerifyServerCert = true 
sslCommonNameToCheck =




I found my issue here in the forums, but the response was to disable sslVerifyServerCert.. which I can not do.


Here is the error I get:




05-30-2023 16:19:21.265 -0700 ERROR TcpOutputFd - Connection to failed. sock_error = 0. SSL Error = error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed - please check the output of the `openssl verify` command for the certificates involved; note that if certificate verification is enabled (requireClientCert or sslVerifyServerCert set to "true"), the CA certificate and the server certificate should not have the same Common Name.




Labels (1)
Tags (1)
0 Karma
Get Updates on the Splunk Community!

Optimize Cloud Monitoring

  TECH TALKS Optimize Cloud Monitoring Tuesday, August 13, 2024  |  11:00AM–12:00PM PST   Register to ...

What's New in Splunk Cloud Platform 9.2.2403?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2403! Analysts can ...

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...