Solved: Which default certificate should I use to certify ...

llovell · ‎08-01-2019

I am running some C# code that sends a POST request to my Splunk HTTP Event Collector at the following URL - https://localhost:8088/services/collector/raw to submit a log

I am getting the following error: Peer certificate cannot be authenticated with given CA certificates ( If I make the request in Postman my logs are submitted no problem )

I am thinking that I need to load my Splunk servers default certificate onto the machine I am making the request from. If this is correct I need to know which of the default certificates ( this is just for testing purposes ) I should be loading that would be specific to my HEC. And also if the correct certificates I'm looking for are located here C:\Program Files\Splunk\etc\auth

jkat54 · ‎08-01-2019

ca.pem is the splunk ca
server.pem is what will run by default on 8089

I believe it is also used for HEC by default.

Hope that helps!

You can check which cert is in use with openssl

 openssl s_client -connect yourhost:hecport

Openssl can be found in splunkhome/bin

View solution in original post

jkat54 · ‎08-01-2019

ca.pem is the splunk ca
server.pem is what will run by default on 8089

I believe it is also used for HEC by default.

Hope that helps!

You can check which cert is in use with openssl

 openssl s_client -connect yourhost:hecport

Openssl can be found in splunkhome/bin

llovell · ‎08-01-2019

Thank you for your answer. I verified that server.pem is in use using openssl. That should be what I need, thanks again

jkat54 · ‎08-01-2019

Cheers! It was my pleasure!

Which default certificate should I use to certify my HTTP Event Collector

Modern way of developing distributed application using OTel

Enterprise Security Content Update (ESCU) | New Releases

Archived Metrics Now Available for APAC and EMEA realms