In order to satisfy the "Upgrade readiness app" in 9.0.2 it seems we must set "requireClientCert = true" in our server.conf under the [sslConfig] stanza. However, when I do this I begin to see a lot of errors in splunkd.log of the following nature:
03-31-2023 10:53:36.274 -0400 ERROR ExecProcessor [1996726 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_enable_modular_input.py" Enter PEM pass phrase:
Presumably this is because the key has a passphrase set on it, but we do have "sslPassword" set, so I'm not sure what's causing the issue. Our complete sslConfig stanza looks like this:
[sslConfig]
enableSplunkdSSL = true
sslRootCAPath = /opt/splunk/etc/auth/certs/ca.pem
serverCert = /opt/splunk/etc/auth/certs/combined.pem
sslPassword = <REDACTED>
sslVerifyServerCert = true
verifyServerCert = true
requireClientCert = true
I haven't been able to find this issue mentioned anywhere. Any help would be appreciated. TIA