Security

Splunk Forwarder Certificate Re-creation.

SandzVG
Explorer

Hello Admins,

related to my earlier question, which went unanswered 😞
http://answers.splunk.com/answers/232151/the-subject-common-name-cn-found-in-the-x509-cert.html

i've deleted the server.pem and have restarted the SplunkForwarder service and it has been re-generated with the same CN = SplunkServerDefaultCert. I would like this to be the Hostname of the server in which it runs instead of the Default.

can you please throw some light on what steps the re-start service would do and how it re-generates the certificate?

Thanks

Venu

1 Solution

starcher
SplunkTrust
SplunkTrust

You need to make your own certificates with another CA if you want to use custom CN etc information. That is the default Splunk SSL certificate. These slides might help. http://www.georgestarcher.com/wp-content/uploads/2014/11/Nashville-UG-Splunk-SSL-Presentation.pdf

View solution in original post

starcher
SplunkTrust
SplunkTrust

You need to make your own certificates with another CA if you want to use custom CN etc information. That is the default Splunk SSL certificate. These slides might help. http://www.georgestarcher.com/wp-content/uploads/2014/11/Nashville-UG-Splunk-SSL-Presentation.pdf

Get Updates on the Splunk Community!

Registration for Splunk University is Now Open!

Are you ready for an adventure in learning?   Brace yourselves because Splunk University is back, and it's ...

Splunkbase | Splunk Dashboard Examples App for SimpleXML End of Life

The Splunk Dashboard Examples App for SimpleXML will reach end of support on Dec 19, 2024, after which no new ...

Understanding Generative AI Techniques and Their Application in Cybersecurity

Watch On-Demand Artificial intelligence is the talk of the town nowadays, with industries of all kinds ...