Solved: SSL expired, now what?

ben_leung · ‎06-03-2014

I have an indexer and forwarder. They have been configured with self sign cert ssl. Lets say the server cert has expired, okay now you just create another cert.

What do you do when the root cert has expired, what will happen? Do you have to configure a new set of certs?

The default certs expire 3 years, so does the rootCA and server certs also expire in 3 years?

Is the root cert suppose to expire at a different time than the server cert?

gkanapathy · ‎06-03-2014

Yes, when the root cert has expired, you will need a new cert chain. I believe that root CAs can't issue certificates beyond their own validity. The root cert can last longer than the child certs.

View solution in original post

gkanapathy · ‎06-03-2014

Yes, when the root cert has expired, you will need a new cert chain. I believe that root CAs can't issue certificates beyond their own validity. The root cert can last longer than the child certs.

gkanapathy · ‎06-03-2014

You can generate new certs using the scripts in the $SPLUNK_HOME/bin/ directory.

SSL expired, now what?

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

Join the Conversation

SSL expired, now what?

Upcoming Webinar: Unmasking Insider Threats with Slunk Enterprise Security’s UEBA

.conf25 technical session recap of Observability for Gen AI: Monitoring LLM ...

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey