Solved: How to use purchased third-party certificates with...

hijklmno · ‎08-10-2016

Hi,

I have a use case where I need to send data from Chrome (client-side) to Splunk, where the website resides on HTTPS. Chrome fails self-signed certificates (net::ERR_INSECURE_RESPONSE), so I would need to use our own certificates.

Do I specify something in $SPLUNK_HOME/etc/system/local/inputs.conf? I am using Comodo, and have a private key, wildcard cert, two intermediate certs, and a root cert.

I have setup Splunk Web with our own certificate already, and it works fine.

I am using a browserify-ed version of splunk-javascript-logging on the website, and running Splunk Light, 6.4.2, on an AWS linux AMI.

Thanks for your help!

hijklmno · ‎01-13-2017

I have solved this issue by terminating SSL via AWS load balancer.

View solution in original post

apple9211 · ‎01-13-2017

https://docs.splunk.com/Documentation/Splunk/6.5.1/Admin/Inputsconf#http:_.28HTTP_Event_Collector.29

Here it lists all of the SSL options like serverCert = , sslKeysfile = , sslPassword = that would be potentially relevant for getting your certificates to work with the HTTP Event Collector

hijklmno · ‎01-13-2017

I have solved this issue by terminating SSL via AWS load balancer.

How to use purchased third-party certificates with HTTP Events Collector?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!