Security

Structure of server cert for serverCert in web.conf for enabling SSL for Splunk Web

vtalanki
Path Finder

Hi ,

I want to enable SSL for Splunk web with 3rd party certificates provisioned by my company. We have

  1. server cert
  2. server key
  3. Intermediate certs
  4. Root CA cert

all provisioned by my company. After reading the documentation of https://docs.splunk.com/Documentation/Splunk/7.3.3/Admin/Webconf, my understanding is that the server cert for web ssl should be like
[server cert]
[All Intermediate certs]
[Root CA cert]
all in one file and provide it for serverCert config.

But some of the posts below says that the serverCert cert should only have [ server cert] and not intermediates and root. I'm confused which one is correct. Please help. I'm using Splunk 7.3.3 btw.
https://answers.splunk.com/answers/508313/how-to-use-rest-api-over-port-8089-with-the-splunk-1.html
https://answers.splunk.com/answers/462626/how-do-i-secure-splunkweb-on-a-search-head-cluster.html

Tags (1)
0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!