We're working on the setup of a new Splunk installation.
As an intermediate step during the migration work we would like to point the old Indexer Cluster to the new License Master.
The problem we're facing is that, in the old installation we're not using SSL for port 8089 communications and in the new installation we are.
To sum up, SSL is not configured in the client (the old Indexer Cluster) but is enabled in new License Master.
After setting the master_uri in [license] stanza to https://newlm.com:8089 (in /opt/splunk/etc/system/local/server.conf) the following messages started to popup:
Failed to contact license master: reason='Unable to connect to license master=https://newlm.com:8089 Error connecting: SSL not configured on client
As a side note openssl output looks clean:
>openssl s_client -connect newlm.com:8089 -CAfile /opt/splunk/etc/auth/cacert.pem Verify return code: 0 (ok)
Anyway to set up this mixed environment?
Could we possibly use SSL just for the communication with the License Master?
Could these calls be "proxied" by a License Slave?
What is the minimum setup to support this kind of communication? It would be the bummer if we have to set up the entire old installation for SSL just to contact the License Master!
Thanks in advance.