I am running some C# code that sends a POST request to my Splunk HTTP Event Collector at the following URL - https://localhost:8088/services/collector/raw to submit a log
I am getting the following error: Peer certificate cannot be authenticated with given CA certificates ( If I make the request in Postman my logs are submitted no problem )
I am thinking that I need to load my Splunk servers default certificate onto the machine I am making the request from. If this is correct I need to know which of the default certificates ( this is just for testing purposes ) I should be loading that would be specific to my HEC. And also if the correct certificates I'm looking for are located here C:\Program Files\Splunk\etc\auth
ca.pem is the splunk ca
server.pem is what will run by default on 8089
I believe it is also used for HEC by default.
Hope that helps!
You can check which cert is in use with openssl
openssl s_client -connect yourhost:hecport
Openssl can be found in splunkhome/bin
Thank you for your answer. I verified that server.pem is in use using openssl. That should be what I need, thanks again