Security

installing a SSL certificate in Splunk

vikram_m
Path Finder

Hi Team I have a SSL certificate but it is in format of .cer extension

going through Splunk docs I can see pem format files installation. Also on the splunk server I can find only myServerPrivateKey.key key.

Please let me know if I am missing to be found anything here.

Thanks.
Vikram.

1 Solution

jkat54
SplunkTrust
SplunkTrust

Often times people/companies name certs with whatever file extension they understand as a cert.

Many times you'll find the same data in a pem that's in a cer etc.

You originally tagged this as being related to the Web SSL app, which is an app that helps you with web SSL but is a different topic altogether. I'm mentioning that because that tells me and others that you're looking to install an ssl certificate for Splunk web.

So let me explain what a pem typically is. A pem is supposed to be the root certificate authority cert plus intermediary certs plus your public key plus your signed certificate. So it's the "full chain" of your cert.

Usually I create one like this:

 cat rootca.cer intermediate.cer mypublickey.key mycert.cer > mydomain.com.pem

So you'll need those other certs and you simply append them all together in one file with pem extension.

In web.conf add this:
[settings]
enableSplunkWebSSL = true
serverCert = /path/to/your/pem

You may also find the web SSL installer app useful: https://splunkbase.splunk.com/app/3231/

View solution in original post

jkat54
SplunkTrust
SplunkTrust

Often times people/companies name certs with whatever file extension they understand as a cert.

Many times you'll find the same data in a pem that's in a cer etc.

You originally tagged this as being related to the Web SSL app, which is an app that helps you with web SSL but is a different topic altogether. I'm mentioning that because that tells me and others that you're looking to install an ssl certificate for Splunk web.

So let me explain what a pem typically is. A pem is supposed to be the root certificate authority cert plus intermediary certs plus your public key plus your signed certificate. So it's the "full chain" of your cert.

Usually I create one like this:

 cat rootca.cer intermediate.cer mypublickey.key mycert.cer > mydomain.com.pem

So you'll need those other certs and you simply append them all together in one file with pem extension.

In web.conf add this:
[settings]
enableSplunkWebSSL = true
serverCert = /path/to/your/pem

You may also find the web SSL installer app useful: https://splunkbase.splunk.com/app/3231/

View solution in original post

starcher
SplunkTrust
SplunkTrust

Also see slides and talk from April 2016
https://wiki.splunk.com/Virtual_.conf

jkat54
SplunkTrust
SplunkTrust

@vikram_m did this help? Can you accept the answer if so?

0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!