Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk TLS using 3rd party CA- Cannot connect to 127.0.0.1:8000?

aatik5u
Path Finder
‎12-06-2022 01:26 AM

Hello There,

I have been trying to secure my Splunk web using TLS certificates. I followed this link: Configure Splunk Web to use TLS certificates - Splunk Documentation.

Things to know:

I sent a signing request to a CA.

My server certificate file contains only the server certificate and the CA certificate (in this order)

My web.conf is the following:

[settings]
enableSplunkWebSSL = true
privKeyPath = ..\mycerts\myServerPrivateKey.key
serverCert = ..\mycerts\splunk-web.pem
sslPassword =
startwebserver = true

As a result I can not connect to 127.0.0.1:8000 "This page isn't working right now" and when i restart splunk I get the message "web interface does not seem to be available", plus it takes like 50 min for Splunk to restart.

I suspect the fact that I am not including a CA or .csr file, but I am not sure since it's not indicated in the documentation, plus I tried adding the private key and the .csr file but still had the same error.

Can you help me to know what I am doing wrong please? any help would be appreciated 🙂

have a great day!

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...