Security

Having trouble with using certificates

Charlython
Observer

Hi there! 

I've been using Splunk for a while and now i want  to use certificates to making it more secure.

The problem comes when, afteer following the documentation, splunk web doesn't  starts.

My pem certificate has 2 certificates inside and a private key, and I also tried using the private key in a .key file and the certificates together in the pem and it neither works.

Any advice or solution?

Thank you!

Labels (2)
0 Karma

matt8679
Path Finder

Make sure your Splunk user has the proper permissions to read the certs.

web.conf

enableSplunkWebSSL = 1

privKeyPath = /opt/splunk/etc/auth/mycert.key

serverCert = /opt/splunk/etc/auth/mycert.pem

 

Depending on the method you used, you must combine the server certificate, the private key, and the public certificate, in that order, into a single file. The combined file must be in privacy-enhanced mail (PEM) format.

cat <server certificate file> <server private key file> <certificate authority certificate file> > <combined server certificate file>

https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/HowtoprepareyoursignedcertificatesforSpl... 

0 Karma
Get Updates on the Splunk Community!

New Splunk Observability innovations: Deeper visibility and smarter alerting to ...

You asked, we delivered. Splunk Observability Cloud has several new innovations giving you deeper visibility ...

Synthetic Monitoring: Not your Grandma’s Polyester! Tech Talk: DevOps Edition

Register today and join TekStream on Tuesday, February 28 at 11am PT/2pm ET for a demonstration of Splunk ...

Instrumenting Java Websocket Messaging

Instrumenting Java Websocket MessagingThis article is a code-based discussion of passing OpenTelemetry trace ...