Security

Splunk Web Certificate Self Signing: - Invalid Argument

westy74
Engager

Hi All,

I am pretty much a novice on Splunk certificate management.

I have ran into an error in trying to self-sign Splunk web certifications.
Command string and output as follows:


C:>"c:\Program Files\Splunk\bin\splunk.exe" createssl web-cert -n -l 3072 Generating a 3072 bit RSA private key
..............................++
................................................................................
........................................................++

writing new private key to 'privKeySecure.pem'

Signature ok
subject=/CN=,server_name>/O=SplunkUser
c:\Program Files\Splunk\C:\Program Files\Splunk\etc\auth\splunkweb\cert.pem: Invalid argument

Command failed (ret=1), exiting.

The results from this is that I am getting a new privateKeySecure.pem but not a new cert.pem.
The private key is being dropped into the $\etc\auth folder.

I am running Splunk Ent. Version 7.1.0 on windows.

Web.conf in local $\etc\system\local looks like this:


[settings]
enableSplunkWebSSL = 1
privKeyPath = C:\Program Files\Splunk\etc\auth\splunkweb\server.key

caCertPath = C:\Program Files\Splunk\etc\auth\splunkweb\cert.pem

I am pretty sure the problem solution lies in the output where the following is not a correct path, but a double up:

"c:\Program Files\Splunk\C:\Program Files\Splunk\etc\auth\splunkweb\cert.pem"

Any thoughts or ideas on howto fix would be greatly appreciated.

Cheers

Jim

0 Karma

deepashri_123
Motivator

Hey@westy74,

You can refer this link:
https://docs.splunk.com/Documentation/Splunk/latest/Security/Howtoself-signcertificates

Let me know if this helps!!!

0 Karma

renjith_nair
SplunkTrust
SplunkTrust

@westy74,

From the output, it looks like splunk is considering the path as relative and prefixing $SPLUNK_HOME value to the path. You could try providing relative path in the conf and try generating certificate. Once the certificates are generated, you may revert it in case it has an impact on other configurations.

Happy Splunking!
0 Karma
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...