Security

Why do I get an error when trying to start TCP input with SSL?

Path Finder

I got the following Error when trying to Start TCPInput with SSL:

ERROR SSLCommon - can't load CA certificates from /opt/splunk/etc/apps/XXXX/certs/XXXX.crt

Very straight forward config:

inputs.conf

[splunktcp-ssl:9997]
disabled = 0

[SSL]
sslPassword = XXXXXXXXXXXXX
serverCert = $SPLUNK_HOME/etc/apps/XXXXXXXX/certs/XXXXXX.pem
sslVersions = tls, -tls1.0
requireClientCert = true

server.conf:
[sslConfig]
sslRootCAPath = $SPLUNK_HOME/etc/apps/XXXXX/certs/XXXXX.crt

0 Karma
1 Solution

Path Finder

My CA-Certificate startet with

-----BEGIN TRUSTED CERTIFICATE-----

and ended in:
-----END TRUSTED CERTIFICATE-----

As soon as I deleted "TRUSTED" and made the CA-Cert look like the examples:
-----BEGIN CERTIFICATE-----
and
-----END CERTIFICATE-----

It finally worked. There is not much more info to link to.

View solution in original post

0 Karma

Path Finder

My CA-Certificate startet with

-----BEGIN TRUSTED CERTIFICATE-----

and ended in:
-----END TRUSTED CERTIFICATE-----

As soon as I deleted "TRUSTED" and made the CA-Cert look like the examples:
-----BEGIN CERTIFICATE-----
and
-----END CERTIFICATE-----

It finally worked. There is not much more info to link to.

View solution in original post

0 Karma