I've been trying to enable SSL in Splunk using the internally signed certs but this is the error I am getting:
02-08-2016 22:55:03.017 +0000 ERROR HTTPServer - SSL will not be enabled
date_hour = 22 date_mday = 8 date_minute = 55 date_month = february date_second = 3 date_wday = monday date_year = 2016 date_zone = 0 host = plsv2-splunk-05-license index = _internal linecount = 1 punct = --_::._+___-_____ source = /opt/splunk/var/log/splunk/splunkd.log sourcetype = splunkd splunk_server = splunk-01-indexer1 timeendpos = 29 timestartpos = 0
02-08-2016 22:55:03.017 +0000 ERROR HTTPServer - SSL context could not be created - error in cert or password is wrong
date_hour = 22 date_mday = 8 date_minute = 55 date_month = february date_second = 3 date_wday = monday date_year = 2016 date_zone = 0 host = plsv2-splunk-05-license index = _internal linecount = 1 punct = --_::._+___-_______-_______ source = /opt/splunk/var/log/splunk/splunkd.log sourcetype = splunkd splunk_server = splunk-01-indexer1 timeendpos = 29 timestartpos = 0
02-08-2016 22:55:03.017 +0000 ERROR SSLCommon - Can't read certificate file /opt/splunk/etc/auth/mycerts/SplunkKeyLicense.key errno=218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
Read through the SSL page on the Splunk Wiki: http://wiki.splunk.com/Community:SplunkWeb_SSL_SelfSignedCert_NewRootCA
Make sure your certificate is in PEM format.
Read through the SSL page on the Splunk Wiki: http://wiki.splunk.com/Community:SplunkWeb_SSL_SelfSignedCert_NewRootCA
Make sure your certificate is in PEM format.
Thanks, will check this Wiki.
hello daniel,
while we are installing splunk on server where already a web application is hosted. As we cannot port splunk web in tomcat container we need to install separately, but for load balancer we need same SSL as tomcat container.
I have SSL in PEM format but not having Private Key. Is there any way to get SSL configured only with Signed PEM without Private KEY. this is for Splunk web I am talking about.
Thanks
Praveen
is there any way to use the certificate I got from verizon in same server for my tomcat server.
I have 4 PEM files from Verizon which includes the CA certificates also 1 chained certificate that includes all the certs.
Is there way to configure the chained cert without Private key.
Thanks
Praveen
I had to redo the certs and it worked just fine, thanks for pointing me to the above link.
You're welcome! Glad it helped.