All Apps and Add-ons

Connect Splunk DB Connect to MariaDB with SSL and cert

ShaneNewman
Motivator

I am trying to enable a connection from the Splunk DB Connect app to a MariaDB (MySQL) database in AWS, which requires SSL and a particular pem file to connect. I cannot find any specific documentation or examples on Answers on how to accomplish this. Can someone point me in the right direction?

I am using the MySQL 5.1 JDBC driver, if that matters - which supports SSL.

Labels (1)
0 Karma
1 Solution

ShaneNewman
Motivator

Figured this out a while back and forgot to update the post.

Rsyncing the pem key to the host that is running the DB connect app and importing it into the keystore in the splunk_app_dbconnect app got me the desired results.

keytool -importcert -file /tmp/mypemkey.pem -keystore /opt/splunk/etc/apps/splunk_app_db_connect/keystore
- Default password for the keystore is 'password'

View solution in original post

0 Karma

hatalla
Path Finder

Hi Shane,

I am trying to run an Oracle connection using SSL. It is running at AWS/RDS and I downloaded the root and intermediate certs from AWS and imported these in /usr/lib/jvm/java-1.8.0-openjdk/jre/lib/security/cacerts as well as in the keystore and truststore files in DB Connect in /opt/splunk/etc/apps/splunk_app_db_connect/certs/

but I see you added the certs somewhere else, did you create a new jks file in
/opt/splunk/etc/apps/splunk_app_db_connect/keystore/ or import your cert in /opt/splunk/etc/apps/splunk_app_db_connect/keystore/default.jks

because I am not able to add the cert in /opt/splunk/etc/apps/splunk_app_db_connect/keystore/default.jks using the default "password" password; it doesn't seem to be "password"

Thanks for your help.

0 Karma

ShaneNewmanRH
Engager

Password is actually 'changme'

0 Karma

ShaneNewman
Motivator

Figured this out a while back and forgot to update the post.

Rsyncing the pem key to the host that is running the DB connect app and importing it into the keystore in the splunk_app_dbconnect app got me the desired results.

keytool -importcert -file /tmp/mypemkey.pem -keystore /opt/splunk/etc/apps/splunk_app_db_connect/keystore
- Default password for the keystore is 'password'

View solution in original post

0 Karma
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!