Splunk Enterprise

ssl forwarder configuration

keishamtcs
Engager

Hi All ,

we are required to configure ssl on splunk forwarders to communicate to splunk instances.

in the official link - https://docs.splunk.com/Documentation/Splunk/8.0.4/Security/ConfigureSplunkforwardingtousesignedcert...

The below steps are given to be configured on the forwarder side. Also we have a third party certificate issuer. Can you please clarify the below queries

1)  we have multiple clients.  i am assuming we can use a single certificate for all clients.

       How do we generate the single certificate for all clients.

2)  The below point 2 states that we need to copy the certificate in the below path. 

instead can we use a deployment server to issue the certificate ?

Configure your forwarders to use your certificates

  1. Generate a new certificate (for example, client.pem).
  2. Copy the new certificate and the CA public certificate myCACertificate.pem into an accessible folder on the forwarders you want to configure. For example, you can use a destination folder of $SPLUNK_HOME/etc/auth/mycerts/

 

Labels (1)
Tags (1)
0 Karma
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!