Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

SSL enabled between deployment server and deployment client (UF)

krusovice
Path Finder
‎01-19-2022 10:25 PM

In my environment, I've setup the SSL communication and authentication between Deployment Server and its deployment client. It is working fine.

The trouble came when nearly 1 year - the renewal of the SSL is needed, meaning the server.pem and cacert.pem in UF require to be updated with renewed SSL. 

For the first year, we have used DS to push the SSL cert over to UF. Question is - is there any way to push the second year's SSL cert (server.pem and cacert.pem) over to UF using Deployment servers while the first year SSL still valid?

Or is there any best practice how to renew the cert in UF (deployment client) in yearly basis?

 

Thanks.

Labels (1)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎01-19-2022 11:53 PM

Hi

the best way to renew those is dependent on your way to use those. If you have use individual certificate in every node then you definitely need some tool which will manage that. But as the normal way to do this with splunk is to use one (or only few) cert for all UFs then it's much easier. Depending on place where you have put your cert files on UF you need a separate deployment tool (e.g. ansible, any MS based for windows) to renew those or use DS to add that on separate TA/SA on clients and then restart those.

r. Ismo

View solution in original post

0 Karma
Reply
Solved! Jump to solution

SinghK
Builder
‎01-19-2022 10:33 PM

Ow, are you saying that you pushed a common ssl cert to all UF's?

0 Karma
Reply
Solved! Jump to solution

krusovice
Path Finder
‎01-19-2022 11:02 PM

Yes, in our environment, there is cacert.pem and server.pem sit in the UF that require to annually renewed.

Tags (1)
0 Karma
Reply
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎01-19-2022 11:53 PM

Hi

the best way to renew those is dependent on your way to use those. If you have use individual certificate in every node then you definitely need some tool which will manage that. But as the normal way to do this with splunk is to use one (or only few) cert for all UFs then it's much easier. Depending on place where you have put your cert files on UF you need a separate deployment tool (e.g. ansible, any MS based for windows) to renew those or use DS to add that on separate TA/SA on clients and then restart those.

r. Ismo

0 Karma
Reply
Solved! Jump to solution

tinatan
Engager
‎01-20-2022 11:08 PM

Thank you for the reply, we are using one cert applied to all UFs.

Tags (1)
0 Karma
Reply
Solved! Jump to solution

SinghK
Builder
‎01-19-2022 11:10 PM

my understanding was ssl cert was very unique with priv key and everything unless csr  and key is not generated on server it will not work.

i am very interested in the topic lets ask isoutamo or anyone else who can help.

 

@isoutamo 

0 Karma
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...