Hi all
Is there a way to set up a multi-domain certificate and a wildcard certificate?
if yes then can anyone tell me the step by step procedure to implement this ?
Technically, @gcusello already showed you where to find info about installing certificates. I will only add that you can use with splunk both multi-domain (having multiple Subject Alternative Name (SAN) values) as well as wildcard certs. But in case of securing internal Splunk communication you'd rather want to use single cert per node (avoid temptation of using - for example - common cert for all indexers), especially if you're doing cert-based authentication.
And even though it's technically possible to have several "specific" names together with a wildcard name within a single cert I think I've never seen a CA selling such certs. It's always either a multidomain cert or a wildcard one.
Hi @super_saiyan,
what do you mean with multi domain certificate?
are you speaking of a Splunk self signed certificate or a third party certificate?
are you speaking of server certificates to secure connections between Splunk servers or certificates for web accessing?
anyway, all the available informaton about splunk use of certificates are at https://docs.splunk.com/Documentation/Splunk/8.2.6/Security/WhatyoucansecurewithSplunk
Ciao.
Giuseppe
hi @gcusello ,
you're a saviour. Thanks for your quick response.
and yes i was talking about third party certificate and yes server certificates to secure connections between Splunk servers.
can you please tell me how to do it and step by step process to implement this.
Hi @super_saiyan ,
I always follow the steps described at https://docs.splunk.com/Documentation/Splunk/8.2.6/Security/ConfigureSplunkforwardingtousesignedcert...
Ciao.
Giuseppe