Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Feature Request: Splunk Certificate Management GUI

dwchow
Engager
‎08-12-2018 09:38 AM

While there is ample documentation on certificate generation and application to both Splunk Web, Indexers, and Forwarders-- we often find that securing post-default deployment scenarios during PS engagements are no fun. We haven't had good luck with just 'pushing' certificates and having Universal Forwarders properly utilize them (at least in Windows environments). Utilizing the Deployment Server and pushing your own app and config packages still have clear text in many scenarios.

We would like to see a feature added for complete Web GUI of Splunk Certificate Management including:
Components: universal forwarders, indexers, and Splunk web server
Action/abilities for administrator user from within WebUI:
Import and use 3rd party signed CA certificates, and their respective keys (including mutual authentication client certs required)
Automated abilities Generate, replace/renew, and deploy certificates to all connecting forwarders (Windows and Linux)
Warning messages when certificates will expire
Enable a 'quick start' deployment default options of either using 3rd party signed certs or using self signed certs during installation for secure NOT JUST universal forwarder agent check in/control status messages but the actual data being forwarded from them. This also includes automatic proper TLS use ready for receiver

Reply

richgalloway
SplunkTrust
SplunkTrust
‎02-19-2020 01:40 PM

@dwchow Consider submitting this feature request at https://ideas.splunk.com/

---
If this reply helps you, Karma would be appreciated.
0 Karma
Reply

acharlieh
Influencer
‎08-12-2018 06:08 PM

This doesn't read like you have a question, but I'll give you an answer... If you have a need for such a feature you should submit a P4 (Enhancement Request) ticket on your support entitlement, and/or talk to your account / partner teams about it. In order for anything to have a chance of being worked on by the development teams, it needs to get to Splunk's JIRA queues. While some employees may troll Splunk Answers, you have a better chance of getting it into their JIRA to be prioritized if it's logged through proper channels.

See also: https://answers.splunk.com/answers/4844/how-can-i-submit-an-enhancement-request.html

Reply
Get Updates on the Splunk Community!

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...