Security

Confirmation requested: Will Splunk continue to operate in the case of when SSL certs have expired?

tjabbe
Engager

I would like to confirm that Splunk will continue to function like when it does with the appropriate SSL certs when:

a) The CA "disappears"
b) An unknown CA owns the cert
c) There is an expired CA

Thanks,
Tjabbe

Tags (3)

dolivasoh
Contributor

From the recent product advisory.

Product Advisory: Default root certificates for release 6.2 and prior versions of Splunk Enterprise, Splunk Light and Hunk will expire on July 21, 2016.

Failure to replace the expiring default certificates prior to July 21, 2016 will result in the immediate cessation of network traffic for any connection which uses them.

So I believe the answer to your question is no.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...