Hi I am looking for Deployment Server <---> UF For example, Server A is my Deployment Server AND Heavy Forwarder. Server B is my Deployment Client. I would like them to communicate with the default cert, and I would like searchable results in the search bar for Server B. Thank you.
... View more
Hi, I am having trouble attempting to get a deployment server and a deployment client to communicate and then access data through the Splunk search using SSL with Splunk default certificates. What steps would I have to go through to achieve this? So I am trying to get my deployment server A with default certs cacert.pem and server.pem in /etc/auth to communicate with Server B which also has the same default certs in /etc/auth. I have defined the Deployment Server server.conf and inputs.conf as shown: [sslConfig] enableSplunkdSSL = false useClientSSLCompression = true serverCert = /xxxxx/splunk/etc/auth/server.pem sslPassword = password sslRootCAPath = /xxxx/splunk/etc/auth/cacert.pem certCreateScript = genMyServerCert.sh inputs.conf [SSL] serverCert = /xxxx/splunk/etc/auth/server.pem password = password rootCA = /xxxx/splunk/etc/auth/cacert.pem requireClientCert = false sslVersions = tls,-ssl3 On my Server B or Deployment Client, my server.conf is defined as [sslConfig] enableSplunkdSSL = true [default] useClientSSLCompression = true serverCert = /xxxx/splunkforwarder/etc/auth/server.pem sslPassword = password sslRootCAPath = /xxxx/splunkforwarder/etc/auth/cacert.pem certCreateScript = genMyServerCert.sh What .conf files do I need to edit and what stanzas will I need to define on the Deployment Client(server B) for them to communicate and eventually I can search Server B on my search head? Sorry if this is unclear but I will be answering any questions on what I am asking. Thank you.
... View more