Solved: When setting up Indexer Discovery feature over SSL...

jspvkey · ‎10-25-2016

I was setting up the Indexer Discovery feature over SSL and according to the Splunk documentation, I am supposed to put the below info to Splunk Configuration files.

For Indexer

[SSL]
serverCert = path to server certificate
password = certificate password
rootCA = path to certificate authority list

Does anyone know what the "password" option referring to? Is this the passphrase that we used for creating the certificate??

For Forwarder

sslCertPath = path to  client certificate
sslPassword = CAcert password
sslRootCAPath = path to root certificate authority file

Regarding this, what is the option "sslPassword" referring to? Is it the passphrase used to create the CA certificate? I couldn't find any proper answers in Splunk documentation. Can someone please help me?

Thanks

gcusello · ‎10-25-2016

Hi jspvkey,
Yes it's certificate password.
You insert it in clear, at the first restart you'll find it encrypted.
Bye.
Giuseppe

View solution in original post

gcusello · ‎10-25-2016

Hi jspvkey,
Yes it's certificate password.
You insert it in clear, at the first restart you'll find it encrypted.
Bye.
Giuseppe

jspvkey · ‎10-25-2016

Thanks for the confirmation.

skoelpin · ‎10-25-2016

Yes, the passphrase hash will be inserted in the password field

When setting up Indexer Discovery feature over SSL, what are the "password" and "sslPassword" options referring to?

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...

Splunk APM: New Product Features + Community Office Hours Recap!

Index This | Forward, I’m heavy; backward, I’m not. What am I?