I followed this guide for setting up self-signed certs with Splunk:
I used the steps above for creating the CA certs. For getting Splunk web certs, I followed this guide (the one above is missing step to remove the password from the server private key):
Firefox connects just fine. Chrome gives me the following:
index01 normally uses encryption to protect your information. When Google Chrome tried to connect to index01 this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be index01, or a Wi-Fi sign-in screen has interrupted the connection. Your information is still secure because Google Chrome stopped the connection before any data was exchanged.
You cannot visit index01 right now because the website sent scrambled credentials that Google Chrome cannot process. Network errors and attacks are usually temporary, so this page will probably work later.
I looked around here and found an answer that pointed to this link about how to export the certificate from Firefox and then import it into Chrome:
I'm still getting this error. Any ideas what might be the problem?
Here are the exact commands I ran:
$SPLUNK_HOME/bin/splunk cmd openssl genrsa -aes256 -out myCAPrivateKey.key 2048
$SPLUNK_HOME/bin/splunk cmd openssl req -new -key myCAPrivateKey.key -out myCACertificate.csr
$SPLUNK_HOME/bin/splunk cmd openssl x509 -req -in myCACertificate.csr -sha512 -signkey myCAPrivateKey.key -CAcreateserial -out myCACertificate.pem -days 1095
$SPLUNK_HOME/bin/splunk cmd openssl genrsa -aes256 -out index01.key 2048
$SPLUNK_HOME/bin/splunk cmd openssl req -new -key index01.key -out index01.csr
$SPLUNK_HOME/bin/splunk cmd openssl x509 -req -in index01.csr -SHA256 -CA myCACertificate.pem -CAkey myCAPrivateKey.key -CAcreateserial -out index01.pem -days 1095
cat index01.pem index01.key myCACertificate.pem > index01_cert.pem
Remove password from key:
$SPLUNK_HOME/bin/splunk cmd openssl rsa -in index01.key -out index01_nopass.key
$SPLUNK_HOME/bin/splunk cmd openssl req -new -key index01_nopass.key -out index01_web.csr
$SPLUNK_HOME/bin/splunk cmd openssl x509 -req -in index01_web.csr -CA myCACertificate.pem -CAkey myCAPrivateKey.key -CAcreateserial -out index01_web.pem -days 1095
cat index01_web.pem myCACertificate.pem > index01_ssl.pem