Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Troubleshooting SSL Error on Forwarder

pauldr01
Engager
‎04-29-2019 03:12 PM

I am troubleshooting an SSL error.

I am receiving this error:
ERROR SSLCommon - Can't read key file C:\Program Files\SplunkUniversalForwarder\etc\auth\mycerts\server_cert.pem

I understand that it may be that the file can't read the hash. I'm trying to test my password to the server_cert.pem and I receive this error:
PS C:\Program Files\SplunkUniversalForwarder\bin> .\openssl rsa -in "C:\Program Files\SplunkUniversalForwarder\etc\auth\mycerts\server_cert.pem" -text
WARNING: can't open config file: C:\jnkns\workspace\build-home/ssl/openssl.cnf
unable to load Private Key
6980:error:0906D06C:PEM routines:PEM_read_bio:no start line:.\crypto\pem\pem_lib.c:697:Expecting: ANY PRIVATE KEY

The openssl.cnf is located in the C:\Program Files\SplunkUniversalForwarder\openssl.cnf, so I do not know how its referring to C:\jnkns\workspace\build-home/ssl/openssl.cnf.

I am not even prompted for a password.

Questions:
1. How do I change the path from C:\jnkns\workspace\build-home/ssl/openssl.cnf to C:\Program Files\SplunkUniversalForwarder\openssl.cnf
2. Is it possible to enable SSL using the password hash for the server_cert.pem?
3. Does anyone have successful steps to follow to enable SSL (outside the splunk documentation)?

Tags (2)
Reply

santhoshi
Explorer
‎08-02-2021 04:31 AM

To answer the first question.. When installing Splunk the necessary file is placed in "C:\Program Files\Splunk\openssl.cnf". Installing Splunk does not set the %OPENSSL_CONF% system variable that points to the file.

Use the following to see if the system variable is set:
echo %OPENSSL_CONF%

If the variable is not set you can tell Windows to use the configuration file provided by Splunk.
set OPENSSL_CONF=c:\Program Files\Splunk\openssl.cnf

0 Karma
Reply

spluzer
Communicator
‎10-09-2020 07:06 AM

Any update on this...getting the exact same thing?????

0 Karma
Reply
Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now!   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...