Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why does Splunk fails to start with error message "The certificate generation script did not generate the expected certificate file"?

dubeysantosh
Explorer
‎07-11-2019 02:53 AM

Why does Splunk service fails to start with error message: " The certificate generation script did not generate the expected certificate file"

I tried to start the splunkd service but the below messages were shown. Please advise how to fix it. Thanks.

[splunk@ bin]$ ./splunk start

Splunk> All batbelt. No tights.

Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking configuration... Done.
The certificate generation script did not generate the expected certificate file:/opt/splunk/etc/apps/certs/myNewServerCertificate.pem. Splunkd port communication will not work.
SSL certificate generation failed.

Tags (1)
0 Karma
Reply

dubeysantosh
Explorer
‎07-11-2019 02:54 AM

I tested in lab and I was able to reproduce the issue and fix it. Please find the details below:

  1. I moved myServerCertificate.pem to myServerCertificate.pem.orig
    [root@ selfsign]# ls -l myServerCertificate.pem
    ls: cannot access myServerCertificate.pem: No such file or directory
    [root@ selfsign]# ls -l myServerCertificate.pem*
    -rw-r--r-- 1 root root 4469 May 30 11:38 myServerCertificate.pem.orig

  2. You can check location of ServerCertificate by running btool.
    [root@ selfsign]# splunk btool inputs list --debug | grep myServerCertificate.pem
    /opt/splunk/etc/system/local/inputs.conf serverCert = /opt/splunk/etc/auth/selfsign/myServerCertificate.pem

  3. As you can see the myServerCertificate.pem doesn't exist.

[root@ selfsign]# ls -l myServerCertificate.pem
ls: cannot access myServerCertificate.pem: No such file or directory

4.I got the same error message "SSL certificate generation failed"

[root@ selfsign]# splunk restart
splunkd is not running. [FAILED]

Splunk> All batbelt. No tights.

Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8090]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [8191]: open
Checking configuration... Done.
The certificate generation script did not generate the expected certificate file:/opt/splunk/etc/auth/selfsign/myServerCertificate.pem. Splunkd port communication will not work.
SSL certificate generation failed.
[root@ selfsign]#

Reply

nmohammed
Builder
‎07-23-2019 05:28 PM

@dubeysantosh

were you able to fix it ? I see the same problem , when trying to add new search heads to a existing cluster .

I was able to resolve it, by manually copying the server.pem file in SPLUNK_HOME/etc/auth to SPLUNK_HOME/etc/auth/splunkweb and start Splunk.

Reply
Get Updates on the Splunk Community!

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...