Hi there,
I'm trying to use the native CA on my splunk server but reissue my splunk web cert for it to use a 2048 bits length key.
I tried using the command
$SPLUNK_HOME/splunk/createssl web-cert -n myCN -l 2048
But can't seem to find the issued cert (though the key path is indicated $SPLUNK_HOME/etc/auth)
Any hint?
Actually the cert was in $SPLUNK_HOME/etc/auth/splunkweb/ and the private key is also there, not where the command indicates.
The path is in the default web.conf/server.conf (if you use it for splunkd, match the serverName directive) so the previous certs are erased, and one can verify the certificate with
$SPLUNK_HOME/splunk cmd openssl x509 -in yourcert.pem -noout -text
Better back up your /$SPLUNK_HOME/etc/auth directory beforehand.