I've Splunk Search Head cluster and I want add new member to this cluster. I use documentation from https://docs.splunk.com/Documentation/Splunk/7.2.6/DistSearch/Addaclustermember.
After adding member KVstore doesn't synchronize with clustered KVStore. In log files I finded information about SSL certificate troubles.
2019-04-25T15:53:52.841Z I CONTROL [initandlisten] ** WARNING: No SSL certificate validation can be performed since no CA file has been provided
2019-04-25T15:53:52.841Z I CONTROL [initandlisten] ** Please specify an sslCAFile parameter.
I already generate new certs with splunk commands:
/opt/splunk/bin/splunk createssl server-cert -d /opt/splunk/etc/auth -n server -l 4096 -p
And add cacert info to server.conf
disabled = false
sslCAFile = /opt/splunk/etc/auth/cacert.pem
"splunk show kvstore-status" shows short read in log and not synchronized status
host:8191 configVersion : -1 hostAndPort : host:8191 lastHeartbeat : Fri Apr 26 11:39:48 2019 lastHeartbeatRecv : ZERO_TIME lastHeartbeatRecvSec : 0 lastHeartbeatSec : 1556267988.693 optimeDate : ZERO_TIME optimeDateSec : 0 pingMs : 0 replicationStatus : Down uptime : 0
What can I do with this trouble?
Hi @GenRockeR ,
You can try to clean the local kvstore on the SH that you attempted to add to the SHC by following the steps below.
The reference these steps can be found here: