Security
Highlighted

Splunk Web SSL - Error with a Certificate

Contributor

I've been trying to enable SSL in Splunk using the internally signed certs but this is the error I am getting:

02-08-2016 22:55:03.017 +0000 ERROR HTTPServer - SSL will not be enabled
date_hour = 22 date_mday = 8 date_minute = 55 date_month = february date_second = 3 date_wday = monday date_year = 2016 date_zone = 0 host = plsv2-splunk-05-license index = _internal linecount = 1 punct = --_::._+___-_____ source = /opt/splunk/var/log/splunk/splunkd.log sourcetype = splunkd splunk_server = splunk-01-indexer1 timeendpos = 29 timestartpos = 0

02-08-2016 22:55:03.017 +0000 ERROR HTTPServer - SSL context could not be created - error in cert or password is wrong
date_hour = 22 date_mday = 8 date_minute = 55 date_month = february date_second = 3 date_wday = monday date_year = 2016 date_zone = 0 host = plsv2-splunk-05-license index = _internal linecount = 1 punct = --_::._+___-_______-_______ source = /opt/splunk/var/log/splunk/splunkd.log sourcetype = splunkd splunk_server = splunk-01-indexer1 timeendpos = 29 timestartpos = 0

02-08-2016 22:55:03.017 +0000 ERROR SSLCommon - Can't read certificate file /opt/splunk/etc/auth/mycerts/SplunkKeyLicense.key errno=218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
0 Karma
Highlighted

Re: Splunk Web SSL - Error with a Certificate

Influencer

Read through the SSL page on the Splunk Wiki: http://wiki.splunk.com/Community:SplunkWeb_SSL_SelfSignedCert_NewRootCA

Make sure your certificate is in PEM format.

View solution in original post

Highlighted

Re: Splunk Web SSL - Error with a Certificate

Contributor

Thanks, will check this Wiki.

0 Karma
Highlighted

Re: Splunk Web SSL - Error with a Certificate

Contributor

I had to redo the certs and it worked just fine, thanks for pointing me to the above link.

0 Karma
Highlighted

Re: Splunk Web SSL - Error with a Certificate

Influencer

You're welcome! Glad it helped.

0 Karma
Highlighted

Re: Splunk Web SSL - Error with a Certificate

is there any way to use the certificate I got from verizon in same server for my tomcat server.

I have 4 PEM files from Verizon which includes the CA certificates also 1 chained certificate that includes all the certs.

Is there way to configure the chained cert without Private key.

Thanks
Praveen

0 Karma
Highlighted

Re: Splunk Web SSL - Error with a Certificate

hello daniel,

while we are installing splunk on server where already a web application is hosted. As we cannot port splunk web in tomcat container we need to install separately, but for load balancer we need same SSL as tomcat container.

I have SSL in PEM format but not having Private Key. Is there any way to get SSL configured only with Signed PEM without Private KEY. this is for Splunk web I am talking about.

Thanks
Praveen

0 Karma