- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Updating Splunk to use a cert that is trusted by root CA cert instead of self-signed, what could break?
Hello Splunkers,
We have ran into several issues primarily with getting data into Splunk over HTTP Collectors. It appears that we need to update our cert with one that has a root ca that has been applied to our Splunk instance instead of a self-signed certificate. We are trying to determine what impact updating the cert across our entire environment could have.
After adding a cert to splunk web does not push down the the HTTP collectors. They were still using the self-signed certificate. So it appears adding a new certificate to the cluster is required.
This will be my first time updating the certificate across the entire environment so feel free to provide any advice or doc pages that could assist.
Documentation we are currently using:
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So if you're talking about a replacement of self signed splunk certificates and activation of ssl encryption for mgmt. port, rep. port, UF --> Indexer and so on. Following links could be helpful!
https://docs.splunk.com/Documentation/Splunk/latest/Security/Getthird-partycertificatesforSplunkWeb
https://docs.splunk.com/Documentation/Splunk/latest/Security/Howtogetthird-partycertificates
https://docs.splunk.com/Documentation/Splunk/latest/Security/Howtoself-signcertificates
