Splunk Cloud Platform

SSL Certificate Issue in technical add-on when making API calls to our Server Product?

Ali_Rewterz
Explorer

So I have been trying to submit the technical add-on, but this TLS certificate issue is perplexing. We are using requests.post in my app to make API calls to our product server from Splunk. After the initial response from the App Review team, we added an option for the users to add a location to their own certificate which is then used in the requests.post.But the response that we have gotten from the App Review team is to "make sure you bundle your own CA certs as part of your app and pass the path into requests.post as an arg."Does that mean we set up a private CA, generate the certificate, and bundle it with the app?
Why do we still need to bundle the certificate when we have given it as an option to the end user?
Lastly, if we generate the certificate, can the same certificate be used by all app users? In our case, every customer has their own instance of our product just like every user has their own Splunk instance.

0 Karma
Get Updates on the Splunk Community!

Buttercup Games: Further Dashboarding Techniques

Hello! We are excited to kick off a new series of blogs from SplunkTrust member ITWhisperer, who demonstrates ...

Message Parsing in SOCK

Introduction This blog post is part of an ongoing series on SOCK enablement. In this blog post, I will write ...

Exploring the OpenTelemetry Collector’s Kubernetes annotation-based discovery

We’ve already explored a few topics around observability in a Kubernetes environment -- Common Failures in a ...