Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Should window .pfx & .cer certificates be converted to .pem for fowarder to work with SSL?

jimmy6067
Explorer
‎08-08-2012 08:31 PM

I'm troubleshooting the issues I have with SSL not working with universal forwarder. Could someone please answer the following questions:

If UF is being deployed on a windows box, do the win. certs need to be converted. The Windows cert file types that I have include .pfx (for the client) and .cer (for the root CA cert). Also If I do need to convert them what is the best approach?...Openssl?

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎08-08-2012 08:57 PM

Yes, the certificates should be converted to the .pem format, an operation that you should be able to perform with openssl. For more details on how to configure Splunk forwarding to use SSLcertificates signed by a 3rd party authority, please read the following tutorial.

View solution in original post

Reply
Solved! Jump to solution
Solution

hexx
Splunk Employee
Splunk Employee
‎08-08-2012 08:57 PM

Yes, the certificates should be converted to the .pem format, an operation that you should be able to perform with openssl. For more details on how to configure Splunk forwarding to use SSLcertificates signed by a 3rd party authority, please read the following tutorial.

Reply
Solved! Jump to solution

hexx
Splunk Employee
Splunk Employee
‎08-14-2012 07:46 PM

Glad to hear it's working!

0 Karma
Reply
Solved! Jump to solution

jimmy6067
Explorer
‎08-14-2012 07:29 PM

Hexx..you have been such a great help. After I changed all the certs to .pem, my UF on my test system started sending encrypted data to my splunk box.

0 Karma
Reply
Solved! Jump to solution

hexx
Splunk Employee
Splunk Employee
‎08-09-2012 07:03 AM

Indeed, certificates are OS-agnostic.

0 Karma
Reply
Solved! Jump to solution

jimmy6067
Explorer
‎08-09-2012 05:15 AM

Thanks for the response!!! So when installing forwarder on systems...certs should always be .pem regardless of the operating system.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk on November 6 at 11AM PT, and empower your SOC to reach new heights! Duration: ...

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...