In order to satisfy the "Upgrade readiness app" in 9.0.2 it seems we must set "requireClientCert = true" in our server.conf under the [sslConfig] stanza. However, when I do this I begin to see a lot of errors in splunkd.log of the following nature: 03-31-2023 10:53:36.274 -0400 ERROR ExecProcessor [1996726 ExecProcessor] - message from "/opt/splunk/bin/python3.7 /opt/splunk/etc/apps/splunk_secure_gateway/bin/ssg_enable_modular_input.py" Enter PEM pass phrase: Presumably this is because the key has a passphrase set on it, but we do have "sslPassword" set, so I'm not sure what's causing the issue. Our complete sslConfig stanza looks like this: [sslConfig] enableSplunkdSSL = true sslRootCAPath = /opt/splunk/etc/auth/certs/ca.pem serverCert = /opt/splunk/etc/auth/certs/combined.pem sslPassword = <REDACTED> sslVerifyServerCert = true verifyServerCert = true requireClientCert = true I haven't been able to find this issue mentioned anywhere. Any help would be appreciated. TIA
... View more