Security

SSL expired, now what?

ben_leung
Builder

I have an indexer and forwarder. They have been configured with self sign cert ssl. Lets say the server cert has expired, okay now you just create another cert.

What do you do when the root cert has expired, what will happen? Do you have to configure a new set of certs?

The default certs expire 3 years, so does the rootCA and server certs also expire in 3 years?

Is the root cert suppose to expire at a different time than the server cert?

Tags (2)
0 Karma
1 Solution

gkanapathy
Splunk Employee
Splunk Employee

Yes, when the root cert has expired, you will need a new cert chain. I believe that root CAs can't issue certificates beyond their own validity. The root cert can last longer than the child certs.

View solution in original post

0 Karma

gkanapathy
Splunk Employee
Splunk Employee

Yes, when the root cert has expired, you will need a new cert chain. I believe that root CAs can't issue certificates beyond their own validity. The root cert can last longer than the child certs.

0 Karma

gkanapathy
Splunk Employee
Splunk Employee

You can generate new certs using the scripts in the $SPLUNK_HOME/bin/ directory.

0 Karma
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...