Security

need help with SSL certificates

abovebeyond
Communicator

Hi ,

littel confused with SSL certificate types

i got an PFX file (wildcard certificate) and i want to insert certificate to Splunkweb

i read here:
http://docs.splunk.com/Documentation/Splunk/6.2.0/Security/SecureSplunkWebusingasignedcertificate

that i need a private.key and a pem certificates

where do i get the private key ?

i know how to convert a pfx file to public key that contain private key also.

Tags (3)
0 Karma

jmallorquin
Builder
0 Karma

abovebeyond
Communicator

30-2015 08:25:01.770 +0000 ERROR SSLCommon - Can't read certificate file /opt/splunk/etc/auth/splunkweb/XXX.key errno=151441516 error:0906D06C:PEM routines:PEM_read_bio:no start line

0 Karma

abovebeyond
Communicator

Hi , Thanks

can you please be more specific ? what exactly i need to do if i have a pfx file

Thanks

0 Karma

jmallorquin
Builder

Hi, sure

Here is the procedure
https://wiki.splunk.com/Community:SplunkWeb_SSL_3rdPartyCA

But the main thing is that you first have to generate the .key before get the pfx in the procedure that i posted.

Hope i help you

0 Karma

abovebeyond
Communicator

So, the .key file is generated from splunk server , and the pem file is my wildcard certificate?

Thanks

0 Karma

jmallorquin
Builder

Hi,

no.
1.- you generate the .key
2.- with the key you generate a certificate request .cer
3.- your company CA sign your .cer and give you de public CA and a certificate .pem
Then you configure splunk. 🙂

0 Karma

abovebeyond
Communicator

Hi
As i say, we already have a wildcard certificate from a 3rd party provider.

jmallorquin
Builder

So,
you should have also the key of the certificate. How they generate this certificate?

0 Karma

abovebeyond
Communicator

Ok, i tried with convert my pfx file to private key using open ssl

then, i convert the pfx to pem file

tried to insert it to splunk:
$SPLUNK_HOME/etc/auth/splunkweb

in addition, i changed the web.conf file to the specific certificate names but after restart the server splunkweb is not opening (tried with http,https)

what logs i need to search for?

0 Karma

jmallorquin
Builder

index=_internal

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...