Splunk Enterprise

ssl forwarder configuration


Hi All ,

we are required to configure ssl on splunk forwarders to communicate to splunk instances.

in the official link - https://docs.splunk.com/Documentation/Splunk/8.0.4/Security/ConfigureSplunkforwardingtousesignedcert...

The below steps are given to be configured on the forwarder side. Also we have a third party certificate issuer. Can you please clarify the below queries

1)  we have multiple clients.  i am assuming we can use a single certificate for all clients.

       How do we generate the single certificate for all clients.

2)  The below point 2 states that we need to copy the certificate in the below path. 

instead can we use a deployment server to issue the certificate ?

Configure your forwarders to use your certificates

  1. Generate a new certificate (for example, client.pem).
  2. Copy the new certificate and the CA public certificate myCACertificate.pem into an accessible folder on the forwarders you want to configure. For example, you can use a destination folder of $SPLUNK_HOME/etc/auth/mycerts/


Labels (1)
Tags (1)
0 Karma
Take the 2021 Splunk Career Survey

Help us learn about how Splunk has
impacted your career by taking the 2021 Splunk Career Survey.

Earn $50 in Amazon cash!