Tenable.io is alerting on all my splunk universal forwarder client hosts (Debian & Ubuntu) It is seeing port 8089 on these hosts (probably the management port??) and throwing this error: The following certificate was found at the top of the certificate chain sent by the remote host, but is self-signed and was not found in the list of known certificate authorities : |-Subject : C=US/ST=CA/L=San Francisco/O=Splunk/CN=SplunkCommonCA/
[email protected] I dont need to encypt splunk commuications from universal forwarder to splunk server, I just want Tenable to see a signed cert on this port so it doesnt complain. Where is this file and can I replace it with my fullchain.pem from Letsencrypt that is already elsewhere on this host? thanks, Matt
... View more