Splunk Enterprise

Why is server certificate hostname validation disabled?

Gregski11
Contributor

I am trying to enable Server Certificate Hostname Validation in the server.conf file and I literally cut and pasted the command 

sslVerifyServerName = true # turns on TLS certificate host name validation

from the Splunk documentation and when I restart Splunk on this on prem deployment server it says :

WARNING: Server Certificate Hostname Validation is disabled. Please see server.conf/[sslConfig]/cliVerifyServerName for details.

 

now I get the CLI command is cliVerifyServerName instead of sslVerifyServerName, but I even tried having both lines there and it still does not like it

I have issued an Enterprise web certificate to this server, it is still valid for two years, so I am at a total loss here please help

 

Labels (1)
Tags (1)

norbertt911
Communicator

Hi,

As far as I understand the root problem of this issue that Splunk cannot determinate that your SSL certificate issuer is trustable or not.

I play

ed a lot with this - I using CA trusted wildcard certificate. And end up this configuration in server.conf:

sslVerifyServerCert = true
cliVerifyServerName = true
serverCert = $SPLUNK_HOME/etc/auth/mycert/cert-with-key.pem (-> servercert+middle-chain cert+root cert+ private key)
sslRootCAPath = /etc/ssl/certs/ca-bundle.crt

sslRootCAPath is the path of your OS trusted CA bundle. You may need to add Your issuer to this list manually. (the root cert only). Depending by OS, but same process:
https://ubuntu.com/server/docs/security-trust-store 

Now I have no such warning, and seems everything working fine. (May could work if you pointing the your root cert only with sslRootCAPath, but that not tested )

KR.

 

 

 

 

0 Karma
Get Updates on the Splunk Community!

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...

State of Splunk Careers 2024: Maximizing Career Outcomes and the Continued Value of ...

For the past four years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...

Data-Driven Success: Splunk & Financial Services

Splunk streamlines the process of extracting insights from large volumes of data. In this fast-paced world, ...