Splunk Enterprise

How to resolve Splunk SSL certificate errors?



I am trying to install SSL certificate for Splunk to permit HTTPS access to the console. As part of the procedure, I have generated the CSR, Key and the signed PEM certificates. I uploaded the files to the Splunk host and created (and edited) the server.conf with the following information

enableSplunkWebSSL = true
privKeyPath = /opt/splunk/etc/auth/mycerts/mySplunkWebPrivateKey.key 
serverCert = /opt/splunk/etc/auth/mycerts/mySplunkWebCertificate.pem 

I also disabled the [sslConfig] stanza in server.conf.

When I try to restart Splunk, the service fails with the following errors. Please advise on how to fix the issue.

WARNING: Cannot decrypt private key in "/opt/splunk/splunk/etc/auth/mycerts/mySplunkWebPrivateKey1.key" with>
Feb 03 17:09:16 frczprmccinfsp1 splunk[1559898]: WARNING: Server Certificate Hostname Validation is disabled. Please see server.conf/[sslConfig]/cliVerifySer>  

Thanks in advance.

Labels (2)
0 Karma
Get Updates on the Splunk Community!

Splunk Lantern | Spotlight on Security: Adoption Motions, War Stories, and More

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Cloud | Empowering Splunk Administrators with Admin Config Service (ACS)

Greetings, Splunk Cloud Admins and Splunk enthusiasts! The Admin Configuration Service (ACS) team is excited ...

Tech Talk | One Log to Rule Them All

One log to rule them all: how you can centralize your troubleshooting with Splunk logs We know how important ...