Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk TLS using 3rd party CA- Cannot connect to 127.0.0.1:8000?

aatik5u
Path Finder
‎12-06-2022 01:26 AM

Hello There,

I have been trying to secure my Splunk web using TLS certificates. I followed this link: Configure Splunk Web to use TLS certificates - Splunk Documentation.

Things to know:

I sent a signing request to a CA.

My server certificate file contains only the server certificate and the CA certificate (in this order)

My web.conf is the following:

[settings]
enableSplunkWebSSL = true
privKeyPath = ..\mycerts\myServerPrivateKey.key
serverCert = ..\mycerts\splunk-web.pem
sslPassword =
startwebserver = true

As a result I can not connect to 127.0.0.1:8000 "This page isn't working right now" and when i restart splunk I get the message "web interface does not seem to be available", plus it takes like 50 min for Splunk to restart.

I suspect the fact that I am not including a CA or .csr file, but I am not sure since it's not indicated in the documentation, plus I tried adding the private key and the .csr file but still had the same error.

Can you help me to know what I am doing wrong please? any help would be appreciated 🙂

have a great day!

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 2)

Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get ...

Index This | I am a number but I am countless. What am I?

January 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  Happy New Year! We’re ...

What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience

PLATFORM TECH TALKS What’s New in Splunk Enterprise 9.4: Tools for Digital Resilience Thursday, February 27, ...