Join the Conversation
- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Security
- :
- Re: Splunk Web not accessible via https
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Splunk Web not accessible via https
We had provided created certificates and provided all information in web.conf
[settings]
enableSplunkWebSSL = 1
privKeyPath = /opt/splunk/etc/auth/mycerts/CertAwsDev/private.key
serverCert = /opt/splunk/etc/auth/mycerts/CertAwsDev/Cert.pem
httpport = 443
But we are not getting the 443v port established in the server
netstat -aen | grep 443
For this reason it is coming unhealthy (502) in AWS target groups
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Below is the output of netstat command
netstat -aen | grep 443
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 9944802
tcp 0 0 10.x.x.101:37272 54.x.x.173:443 ESTABLISHED 0 10220872
tcp 0 0 10.x.x.101:59914 54.x.x.213:443 TIME_WAIT 0 0
tcp 0 0 10.x.x.101:46116 52.x.x.97:443 ESTABLISHED 0 10220742
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Based on output provided by you, your server is listening on port 443 but AWS LB is getting 502 Bad gateway in health check. As I don't have more knowledge on AWS side, I can't help much more but if you are using self signed certificate on splunk server then you might need to add root certificate on AWS LB.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Are you running splunk with root user ? On Linux only root can use port < 1024.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am running splunk with root user
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Please provide output of ss -nltp | grep 443
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
LISTEN 0 128 0.0.0.0:443 0.0.0.0:* users:(("splunkd",pid=20841,fd=112))
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Does the splunkd process listen on port 443? You haven't provided the output of netstat command.
If splunkd is listening on the port then check firewall (network and local).
Let me know how it went
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Mile High Learning with Splunk University, Denver, Colorado
IT Service Intelligence 5.0 Series: Your Guide to the June Launch
Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0
