I just double-checked on this and apparently Splunk has openssl packaged with it. Using the $SPLUNK_HOME/bin/splunk prefix essentially just directs your device to utilize the Splunk version of the package (which is why it couldn't find the FIPS version since that isn't normally included). You don't actually need to use this if you already have openssl installed (which is likely anyway since I believe it's included by default in most Linux distros these days).
Just make sure you include the full filepath for your key output and you can run the command without the $SPLUNK_HOME preface.
OPENSSL_FIPS=1 openssl genrsa -aes256 -out $SPLUNK_HOME/etc/auth/mycerts/myCAPrivateKey.key 2048
That should do it for you but let us know if you run into any other issues with it.
... View more