We got a requirement to secure the communication between Deployment server and UF on port 8089. Can someone help me on below queries.
Any help and reference document would be helpful.
SSL is enabled by default in the communications between Deployment Server and deployment clients, as you can see at https://docs.splunk.com/Documentation/Splunk/8.0.4/Updating/Planadeployment#SSL_encryption
as @gcusello mentioned, SSL is already enabled, but default certificates are used, which means the connection is not "secure" and can be MitM-ed.
Please follow these steps: https://conf.splunk.com/session/2015/conf2015_DWaddle_DefensePointSecurity_deploying_SplunkSSLBestPr...
Thanks @PavelP, Can we use custom and default ssl certificates simultaneously on one DS ? Lets say 5 UF using custom ssl and other using default and all are being managed by single DS.
@bijenderkhosya I think this will work if the cert verification is disabled. I think you cannot enable cert verification selectively.
The setup described in the pdf doesn't use mutual authenticated TLS, only DS' certificate is verified, the UF's certificate is not verified.