SAML Configuration: What does "you must use the same signing certificate on all search head members" mean?


Today, I use CA signed certificates on all search head cluster members. These members are behind a load balancer. The load balancer DNS name and the unique host name (per server) are present in the subject alternative name. The server certificate is part of a chain along with Intermediate and Root certificates. This all seems to work fine.

I need to configure SAML, and have, for a single member. I can't make heads or tails of the "configuring SAML in a search head cluster" doc. According to the doc, there is a common "signing certificate" I need to copy to the other members. What is this? Has anyone had experience with SAML configuration in a search head cluster? Your thoughts are appreciated.

0 Karma
Get Updates on the Splunk Community!

New Splunk Observability innovations: Deeper visibility and smarter alerting to ...

You asked, we delivered. Splunk Observability Cloud has several new innovations giving you deeper visibility ...

Synthetic Monitoring: Not your Grandma’s Polyester! Tech Talk: DevOps Edition

Register today and join TekStream on Tuesday, February 28 at 11am PT/2pm ET for a demonstration of Splunk ...

Instrumenting Java Websocket Messaging

Instrumenting Java Websocket MessagingThis article is a code-based discussion of passing OpenTelemetry trace ...