Is it possible to set the certificate and private ...

human96 · ‎02-13-2022

In your environment, one Splunk server has two NICs, each There is a different FQDN. In this case, is it possible to set the certificate and private key for both NICs?

human96 · ‎02-13-2022

If you can, please tell me how to set it.

PickleRick · ‎02-14-2022

You need to generate a CSR with multiple DNS names as SAN. The way to do this varies depending on what tool you're using. Then you have to give this CSR to your CA guys which will generate proper certificate with many names. If you're using openssl suite for this - google for the multiple SANs CSR generation - there are plenty solutions described on the internet.

Of course when you get your cert, you have to conifgure your splunk instance using those certs as the docs say. https://docs.splunk.com/Documentation/Splunk/8.2.4/Security/AboutsecuringyourSplunkconfigurationwith...

PickleRick · ‎02-13-2022

Private key has nothing to do with what it's used for.

And yes - the certificate can be used for multiple names. It's called "SANs" - Subject Alternative Names.

Is it possible to set the certificate and private key for NICs with different FQDN?

heavy forwarder

inputs.conf

other

universal forwarder

Enterprise Security Content Update (ESCU) | New Releases

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

Index This | What are the 12 Days of Splunk-mas?