Hi,
The search head cluster uses our own certificates which are going to expire soon. So in order to update the certificates I have pushed the certs through the deployer and updated the SSL Password in server.conf and outputs.conf and the search heads restarted and everything is working fine without errors . But the certificates have not been updated. UI still shows the old certificate and I have checked the expiry through CLI as well. It shows the old certificate. The new certificates have been pushed in the backend.
What could be the reason ?? Anything that I have missed ?
I have double checked using btool
, and the certs are pointing towards the right direction .
One thing I observed is that $SPLUNK_HOME
is not set on the splunk-launch.conf
file . Is that a problem ??
Hello! Did you get this working? I am having the same issue - the privKeyPath and serverCert show up correctly when I run btool, but it still seems to be using the old self signed certs.....
Hi @nawazns5038 ,
Have you gone through the below settings in web.conf ?