01-24-2012 17:35:39.483 -0800 ERROR SSLCommon - Can't read key file /opt/splunk/etc/auth/server.pem errno=101077092 error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt.
01-24-2012 17:35:39.483 -0800 ERROR HTTPServer - SSL context could not be created - error in cert or password is wrong
01-24-2012 17:35:39.483 -0800 ERROR HTTPServer - SSL will not be enable
I just had a similar problem where my server.conf was configured with the incorrect password:
[sslConfig]
sslKeysfilePassword = KingOfKrunk
You can either edit (sever.conf) and enter the correct password for [sslconfig] 'sslKeysfilePassword' to decrypt server.pem OR generate a new signed cert and key pair using:
$SPLUNK_HOME/bin/genSignedServerCert.sh
this script will allow you to enter a new PEM pass phrase which will need to be transfer into server.conf
In my case, since I am not using any SSL encryption for my test Splunk instance. I simply backup/remove both /opt/splunk/etc/system/local/server.conf and the /opt/splunk/etc/auth/server.pem file. Then restart splunkd, this fix my issue.
We just encountered the same problem after upgrading from Splunk 5 to Splunk 6.1. We overcame the issue by commenting out the [sslconfig] stanza in server.conf and restarting splunkd. This forces Splunk to generate a new SSL password and all checks passed on start up.
Thanks so much. This 10 year old post helped me resolve my issue!
This worked perfectly for me.
Thank you!
Superb, Thanks.
I just had a similar problem where my server.conf was configured with the incorrect password:
[sslConfig]
sslKeysfilePassword = KingOfKrunk
You can either edit (sever.conf) and enter the correct password for [sslconfig] 'sslKeysfilePassword' to decrypt server.pem OR generate a new signed cert and key pair using:
$SPLUNK_HOME/bin/genSignedServerCert.sh
this script will allow you to enter a new PEM pass phrase which will need to be transfer into server.conf
as of 4.3
NOTE: This script is deprecated. Instead, use "splunk createssl server-cert".
A few things come to mind initially.