Splunk Enterprise

Updating Splunk to use a cert that is trusted by root CA cert instead of self-signed, what could break?

Hutch
Path Finder

Hello Splunkers,

We have ran into several issues primarily with getting data into Splunk over HTTP Collectors. It appears that we need to update our cert with one that has a root ca that has been applied to our Splunk instance instead of a self-signed certificate. We are trying to determine what impact updating the cert across our entire environment could have. 

After adding a cert to splunk web does not push down the the HTTP collectors. They were still using the self-signed certificate. So it appears adding a new certificate to the cluster is required.

This will be my first time updating the certificate across the entire environment so feel free to provide any advice or doc pages that could assist.

Documentation we are currently using:

https://docs.splunk.com/Documentation/Splunk/9.0.2/Security/ConfigureandinstallcertificatesforLogObs...

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud's AI Assistant in Action Series: Auditing Compliance and ...

This is the third post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

What You Read The Most: Splunk Lantern’s Most Popular Articles!

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...