Hi ,
littel confused with SSL certificate types
i got an PFX file (wildcard certificate) and i want to insert certificate to Splunkweb
i read here:
http://docs.splunk.com/Documentation/Splunk/6.2.0/Security/SecureSplunkWebusingasignedcertificate
that i need a private.key and a pem certificates
where do i get the private key ?
i know how to convert a pfx file to public key that contain private key also.
Hi,
You need generate the key.
https://www.sslshopper.com/article-most-common-openssl-commands.html
Here is the procedure
https://wiki.splunk.com/Community:SplunkWeb_SSL_3rdPartyCA
Hope i help you
30-2015 08:25:01.770 +0000 ERROR SSLCommon - Can't read certificate file /opt/splunk/etc/auth/splunkweb/XXX.key errno=151441516 error:0906D06C:PEM routines:PEM_read_bio:no start line
Hi , Thanks
can you please be more specific ? what exactly i need to do if i have a pfx file
Thanks
Hi, sure
Here is the procedure
https://wiki.splunk.com/Community:SplunkWeb_SSL_3rdPartyCA
But the main thing is that you first have to generate the .key before get the pfx in the procedure that i posted.
Hope i help you
So, the .key file is generated from splunk server , and the pem file is my wildcard certificate?
Thanks
Hi,
no.
1.- you generate the .key
2.- with the key you generate a certificate request .cer
3.- your company CA sign your .cer and give you de public CA and a certificate .pem
Then you configure splunk. 🙂
Hi
As i say, we already have a wildcard certificate from a 3rd party provider.
So,
you should have also the key of the certificate. How they generate this certificate?
Ok, i tried with convert my pfx file to private key using open ssl
then, i convert the pfx to pem file
tried to insert it to splunk:
$SPLUNK_HOME/etc/auth/splunkweb
in addition, i changed the web.conf file to the specific certificate names but after restart the server splunkweb is not opening (tried with http,https)
what logs i need to search for?
index=_internal