Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is there a way to set up a multi-domain certificate and a wildcard certificate?

super_saiyan
Communicator
‎04-08-2022 12:30 AM

Hi all

Is there a way to set up a multi-domain certificate and a wildcard certificate?

if yes then can anyone tell me the step by step procedure to implement this ?

Labels (3)
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎04-08-2022 11:35 AM

Technically, @gcusello already showed you where to find info about installing certificates. I will only add that you can use with splunk both multi-domain (having multiple Subject Alternative Name (SAN) values) as well as wildcard certs. But in case of securing internal Splunk communication you'd rather want to use single cert per node (avoid temptation of using - for example - common cert for all indexers), especially if you're doing cert-based authentication.

And even though it's technically possible to have several "specific" names together with a wildcard name within a single cert I think I've never seen a CA selling such certs. It's always either a multidomain cert or a wildcard one.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎04-08-2022 02:41 AM

Hi @super_saiyan,

what do you mean with multi domain certificate?

are you speaking of a Splunk self signed certificate or a third party certificate?

are you speaking of server certificates to secure connections between Splunk servers or certificates for web accessing?

anyway, all the available informaton about splunk use of certificates are at https://docs.splunk.com/Documentation/Splunk/8.2.6/Security/WhatyoucansecurewithSplunk 

Ciao.

Giuseppe

0 Karma
Reply

super_saiyan
Communicator
‎04-08-2022 02:46 AM

hi @gcusello ,

you're a saviour.  Thanks for your quick response.

and yes i was talking about third party certificate and yes  server certificates to secure connections between Splunk servers.

can you please tell me how to do it and step by step process to implement this.

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎04-08-2022 02:56 AM

Hi @super_saiyan ,

I always follow the steps described at https://docs.splunk.com/Documentation/Splunk/8.2.6/Security/ConfigureSplunkforwardingtousesignedcert...

Ciao.

Giuseppe

Reply
Get Updates on the Splunk Community!

Introducing Splunk Enterprise 9.2

WATCH HERE! Watch this Tech Talk to learn about the latest features and enhancements shipped in the new Splunk ...

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...