The "kvstore_consolidated.pem" contains my private key and the server cert.
Issue: kvstore fails to start. (log below from splunkd.log)
07-19-2021 11:06:35.763 -0400 ERROR KVStoreConfigurationProvider - Could not get ping from mongod.
07-19-2021 11:06:35.763 -0400 ERROR KVStoreConfigurationProvider - Could not start mongo instance. Initialization failed.
07-19-2021 11:06:35.763 -0400 ERROR KVStoreBulletinBoardManager - KV Store changed status to failed. Failed to start KV Store process. See mongod.log and splunkd.log for details..
07-19-2021 11:06:35.763 -0400 ERROR KVStoreBulletinBoardManager - Failed to start KV Store process. See mongod.log and splunkd.log for details.
2021-07-15T14:36:03.080Z E NETWORK [conn941] SSL peer certificate validation failed: unsupported certificate purpose
2021-07-15T14:36:03.080Z I NETWORK [conn941] Error receiving request from client: SSLHandshakeFailed: SSL peer certificate validation failed: unsupported certificate purpose. Ending connection from 127.0.0.1:52128 (connection id: 941)
So it seems like the server is trying to make loopback requests and trying to act as both the server and the client in SSL comms.
In reading this (while it's not the same issue), the suggestion is to have the CA sign the CSR so it's both client and server.
Before I go down this road (the CA I am using does not seem to support this; it can only sign as either "user" or "server"), I just want to see if anyone else has run into this?
I also tried the server.conf settings in this article, but with same results:
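The following is an added example, not part of the original post and not Splunk's own tooling: a shell check that reports whether a PEM certificate passes OpenSSL's purpose test for both "SSL server" and "SSL client", which is the test behind the "unsupported certificate purpose" line in the log above. It assumes the `openssl` CLI is installed; the function names and the two throwaway self-signed certificates are constructed for illustration.

```shell
#!/bin/sh
# cert_has_purpose <pem> <"SSL client"|"SSL server">
# Returns 0 when `openssl x509 -purpose` reports Yes for that purpose.
cert_has_purpose() {
    openssl x509 -in "$1" -noout -purpose 2>/dev/null |
        grep -q "^$2 : Yes"
}

# check_dual_use <pem>: returns 0 only if the certificate is accepted for
# both sides of a TLS connection; prints the result for each purpose.
check_dual_use() {
    rc=0
    for p in "SSL server" "SSL client"; do
        if cert_has_purpose "$1" "$p"; then
            echo "$1: $p allowed"
        else
            echo "$1: $p NOT allowed"
            rc=1
        fi
    done
    return $rc
}

# make_sample_cert <eku-list> <out.pem>   (hypothetical helper)
# Constructed test input: throwaway self-signed key + cert in one PEM file.
make_sample_cert() {
    cfg=$(mktemp)
    cat > "$cfg" <<EOF
[req]
distinguished_name = dn
x509_extensions = ext
prompt = no
[dn]
CN = kvstore-sample
[ext]
extendedKeyUsage = $1
EOF
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$cfg" \
        -keyout "$2" -out "$2.crt" 2>/dev/null
    cat "$2.crt" >> "$2"; rm -f "$cfg" "$2.crt"
}

# Demo on constructed certificates: server-only EKU versus server + client EKU.
d=$(mktemp -d)
make_sample_cert "serverAuth" "$d/server_only.pem"
make_sample_cert "serverAuth, clientAuth" "$d/dual.pem"
check_dual_use "$d/server_only.pem" || echo "-> rejected when presented as a client cert"
check_dual_use "$d/dual.pem" && echo "-> usable on both sides of the connection"
```

Running `check_dual_use` against a combined key-and-certificate file such as `kvstore_consolidated.pem` shows which of the two purposes the CA-issued certificate lacks.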