Solved: Splunk Forwarder Certificate Re-creation.

SandzVG · ‎05-06-2015

Hello Admins,

related to my earlier question, which went unanswered 😞
http://answers.splunk.com/answers/232151/the-subject-common-name-cn-found-in-the-x509-cert.html

i've deleted the server.pem and have restarted the SplunkForwarder service and it has been re-generated with the same CN = SplunkServerDefaultCert. I would like this to be the Hostname of the server in which it runs instead of the Default.

can you please throw some light on what steps the re-start service would do and how it re-generates the certificate?

Thanks

Venu

starcher · ‎05-06-2015

You need to make your own certificates with another CA if you want to use custom CN etc information. That is the default Splunk SSL certificate. These slides might help. http://www.georgestarcher.com/wp-content/uploads/2014/11/Nashville-UG-Splunk-SSL-Presentation.pdf

View solution in original post

starcher · ‎05-06-2015

You need to make your own certificates with another CA if you want to use custom CN etc information. That is the default Splunk SSL certificate. These slides might help. http://www.georgestarcher.com/wp-content/uploads/2014/11/Nashville-UG-Splunk-SSL-Presentation.pdf

Splunk Forwarder Certificate Re-creation.

Index This | Forward, I’m heavy; backward, I’m not. What am I?

A Guide To Cloud Migration Success

Join Us for Splunk University and Get Your Bootcamp Game On!