Security

Why am I receiving this error "No SSL Cert Validation can be performed since no CA File has been provided" in KV Store?

Builder

Hello All,

I'm working within the windows environment. I'm getting 3 error messages in my Splunk Web Browser that probably related to an expired cert on our indexer (Only on our splunk indexer). I believe at one point the previous person in my position setup the Web Server to use SSL. However, that local Cert CA authority is no longer in existence within our subnet AND the Cert has expired. We'd simply like to return splunk back to it's out of the box settings (No SSL Cert used in the web browser).

What did I do so far?
From the browser I switched it from SSL Enabled to non SSL. I believe I need to make some more changes within the configurations though. I believe somewhere it's still referencing the Local SSL Cert Auth instead of the previous Original SSL/ self signed CA Root cert. How do I get things back to square one/ OOTB?

The Bad:
1) From the Web Browser I keep getting this message pop up: " Search peer "Server A" has the following message: KV Store changed status to failed. KV Store process terminated".

2) Search peer "Server A" has the following message: Failed to start KV Store Process. See mongod.log and splunkd.log

When I navigate to mongo DB I see since the 19th of March I've been getting this message:

CONTROL: "No SSL Certificate validation can be performed since no CA File has been provided; please specify an sslCAFile parameter"
NETWORK: "The provided SSL Certificate is expired or not yet valid"
I: Fatal Assertion 28652

I'm on a windows box and I' would like to know the steps required to correctly point my SSL/ sslCAFile. Once again we do not use SSL from the web browser so the out of the box self signed certs would work fine for me. Thanks for your assistance.

0 Karma
1 Solution

Builder

I believe I just referenced the SSL conf files and directory from a working server and copied it over. Since splunk/ Linux are flat file based system splunk didn't seem to have an issue.

View solution in original post

0 Karma

Builder

I believe I just referenced the SSL conf files and directory from a working server and copied it over. Since splunk/ Linux are flat file based system splunk didn't seem to have an issue.

View solution in original post

0 Karma

Explorer

Hi Jarohnimo,

Please let us know if this got resolved for you and how you did that.

Getting same issue

Builder

I believe I just referenced the SSL conf files and directory from a working server and copied it over. Since splunk/ Linux are flat file based system splunk didn't seem to have an issue.

0 Karma
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!