Training + Certification Discussions

I am getting Certificate Error


HI, I have configured SSL in Splunk . It is not self signed but issued by Certified Authority.

I have enabled https option from Splunk GUI also. I am using 7.1.1 version.

Now, the problem is . If I open my SH with https it is opening, but Certificate Error is giving :

This page is not secure (broken HTTPS).
Certificate - Subject Alternative Name missing
The certificate for this site does not contain a Subject Alternative Name extension containing a domain name or IP address.
View certificate
Certificate - missing

The hostname in the website’s security certificate differs from the website you are trying to visit.

I am getting this by pressing F12 and Security tab and my URL is becoming red and https is getting striked out.

Kindly help in solving this !!

Tags (1)
0 Karma


You need a certificate that specifies the alt name, which doesn't happen when in the Splunk guide for cert creation.

One option would be to follow Step 3 in this guide. If you have a single server that creates all your certificates, you would need to change openssl.cnf before each cert creation. FYI, changing these type of files will cause a manifest error until you either put the old file back or upgrade.

#Edit the openSSL file
vi /opt/splunk/openssl/openssl.cnf

# Uncomment out the Request Extensions options

    # Optional: Use "/" to search for req_extensions

    Change FROM: #req_extensions = v3_req # The extensions to add to a certificate request
             TO: req_extensions = v3_req # The extensions to add to a certificate request

    # Optional: Use "/" to search for v3_req 

#Add extended key usage 'subjectAltName = DNS:<FQDN>, DNS:<hostname>, IP:<ip_address>'
0 Karma


You've kind of answered your own question, but the error is because the certificate specified in the CN field of your certificate and your host don't match.

Here are some helpful steps if you are using Linux and Splunk Home is "/opt/splunk"
I - Find what host your using
/opt/splunk/bin/splunk btool web list | grep serverCert

2 - Check your CN
/opt/splunk/bin/splunk cmd openssl x509 -in .pem -text | grep Subject:

It could be something as simple as just needing to specify the FQDN

0 Karma


How did you fix this?


Thanks it is solved, I did it myself !!

0 Karma


Please provide input on what you did to fix this issue.

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...