Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Splunk web certification configuration

uagraw01
Motivator
‎05-09-2024 04:12 AM

Hello Splunkers!!

 

I want to configure SSL certificate in Splunk so that my Splunk web URL communicate over https.

To obtain "privKeyPath" in web.conf I have used below two commands.

splunk cmd openssl genrsa -aes256 -out SplunkPrivateKey.key 2048

splunk cmd openssl rsa -in SplunkPrivateKey.key -out splunk_key.key

 

To obtain "serverCert" in web.conf I have used below two commands.

splunk cmd openssl x509 -in splunk.cer -out splunk.pem

Note : splunk.cer  is with me ( Provided by organization so I am obtaining self signed certificate)

[settings]
enableSplunkWebSSL = 1
privKeyPath = D:\Splunk\etc\auth\mycert\splunk_key.key
serverCert = D:\Splunk\etc\auth\mycert\splunk.pem

I have used all the above commands and configure the certificate under the paths but still Splunk web is not working securely. Please suggest me any other modification or alteration I need to do ? 

Thanks in advance !!

Labels (1)
Labels
0 Karma
Reply

tscroggins
Influencer
‎05-12-2024 02:40 PM

Hi @uagraw01,

Browsers will not trust your self-signed certificates without additional configuration. In most cases, you'll want to use a certificate signed by a mutually trusted certificate authority. This is not an endorsement of Qualys, but https://www.ssllabs.com/ provides general information on SSL/TLS that you may find beneficial.

Reply

VatsalJagani
SplunkTrust
SplunkTrust
‎05-13-2024 11:11 PM

@uagraw01 - As suggested by @tscroggins self-signed certificates needs to be added to certificate store. Here are references to be done on Mac and Windows:

 

I hope this helps!!! If it does kindly upvote!!!

Reply

uagraw01
Motivator
‎05-14-2024 10:11 AM

@tscroggins @VatsalJagani  Thanks For sharing the refrence links. I am very close to setup the secure SSL connection by using openssl. Once completely done I will share the complete steps here also.

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...