Splunk Enterprise
Highlighted

How to use purchased third-party certificates with HTTP Events Collector?

Engager

Hi,

I have a use case where I need to send data from Chrome (client-side) to Splunk, where the website resides on HTTPS. Chrome fails self-signed certificates (net::ERRINSECURERESPONSE), so I would need to use our own certificates.

Do I specify something in $SPLUNK_HOME/etc/system/local/inputs.conf? I am using Comodo, and have a private key, wildcard cert, two intermediate certs, and a root cert.

I have setup Splunk Web with our own certificate already, and it works fine.

I am using a browserify-ed version of splunk-javascript-logging on the website, and running Splunk Light, 6.4.2, on an AWS linux AMI.

Thanks for your help!

Tags (1)
0 Karma
Highlighted

Re: How to use purchased third-party certificates with HTTP Events Collector?

Engager

I have solved this issue by terminating SSL via AWS load balancer.

View solution in original post

0 Karma
Highlighted

Re: How to use purchased third-party certificates with HTTP Events Collector?

Explorer

https://docs.splunk.com/Documentation/Splunk/6.5.1/Admin/Inputsconf#http:_.28HTTP_Event_Collector.29

Here it lists all of the SSL options like serverCert = , sslKeysfile = , sslPassword = that would be potentially relevant for getting your certificates to work with the HTTP Event Collector

0 Karma
Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.