Security

Getting error "unsupported certificate" when configuring TLS on management port 8089

DaisyNguyen
Loves-to-Learn Lots

Hi all,

I'm trying to configure SSL certificate for management port 8089 on Manager Node and Indexers.

In file $SPLUNK_HOME/etc/system/local/server.conf in Manager Node and Indexers.

 

[sslConfig]
sslRootCAPath = <path_to_rootCA>
sslPassword = mycertpass
enableSplunkdSSL = true
serverCert = <path_to_manager_or_indexer_cert>
requireClientCert = true
sslAltNameToCheck = manage-node.example.com

 

I check rootCA and my server certificate in Manager Node and Indexers with `openssl verify` and it return OK.

I use the same certificate for Indexers and one for Manager Node.

All my certificate have purpose is SSL server and SSL client:

X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication

But when I set `requireClientCert = true`, it return "unsupported certificate" error and I can't access to Splunk Web of Manager Node.

Please help me to fix this! 

Labels (1)
0 Karma

DaisyNguyen
Loves-to-Learn Lots

[UPDATE]

When I used the same certifiacte for Splunk Web and Splunk Secure Connection, it works normally.

But when I used different certificate between Splunk Web and Splunk Secure Connection, the error continued happen.

Before, Splunk Web used only TLS Web Server certificatie, and Splunk Secure Connection used certificate that has purpose TLS Web Server and TLS Web Client. And I really need use separate cert for my cases.

 

0 Karma
Get Updates on the Splunk Community!

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...

Splunk and Fraud

Watch Now!Watch an insightful webinar where we delve into the innovative approaches to solving fraud using the ...