Security

Difference between cacert.pem ca.pem server.pem

splunkreal
Motivator

Hello guys,

is there documentation somewhere explaining roles of default certificates, especially cacert.pem/ca.pem :

cacert.pem : SplunkCommonCA

ca.pem : SplunkCommonCA with private key (no pwd)

server.pem : server certificate, can be renewed by deleting + restart splunkd

Thanks 🙂

 

* If this helps, please upvote or accept solution 🙂 *
Labels (2)
0 Karma

aasabatini
Motivator

Hi @splunkreal 

here 

https://docs.splunk.com/Documentation/Splunk/8.2.0/Security/ConfigureSplunkforwardingtousesignedcert...

 

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”
0 Karma

splunkreal
Motivator

nothing about ca.pem

* If this helps, please upvote or accept solution 🙂 *
0 Karma

aasabatini
Motivator

 

https://docs.splunk.com/Documentation/Splunk/8.2.0/Security/Aboutdefaultcertificateauthentication

 

https://wiki.splunk.com/Community:Splunk2Splunk_SSL_3rdPartyCA

 

 

“The answer is out there, Neo, and it’s looking for you, and it will find you if you want it to.”

splunkreal
Motivator

Not clear, it seems cacert.pem is for management port and ca.pem for web, of course server.pem for the server certificate.

https://community.splunk.com/t5/Security/cacert-pem-Why-does-Splunk-need-it-to-start/m-p/246234

 

* If this helps, please upvote or accept solution 🙂 *
Tags (1)
0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...