Security

Splunk Web Certificate Self Signing: - Invalid Argument

westy74
Engager

Hi All,

I am pretty much a novice on Splunk certificate management.

I have ran into an error in trying to self-sign Splunk web certifications.
Command string and output as follows:


C:>"c:\Program Files\Splunk\bin\splunk.exe" createssl web-cert -n -l 3072 Generating a 3072 bit RSA private key
..............................++
................................................................................
........................................................++

writing new private key to 'privKeySecure.pem'

Signature ok
subject=/CN=,server_name>/O=SplunkUser
c:\Program Files\Splunk\C:\Program Files\Splunk\etc\auth\splunkweb\cert.pem: Invalid argument

Command failed (ret=1), exiting.

The results from this is that I am getting a new privateKeySecure.pem but not a new cert.pem.
The private key is being dropped into the $\etc\auth folder.

I am running Splunk Ent. Version 7.1.0 on windows.

Web.conf in local $\etc\system\local looks like this:


[settings]
enableSplunkWebSSL = 1
privKeyPath = C:\Program Files\Splunk\etc\auth\splunkweb\server.key

caCertPath = C:\Program Files\Splunk\etc\auth\splunkweb\cert.pem

I am pretty sure the problem solution lies in the output where the following is not a correct path, but a double up:

"c:\Program Files\Splunk\C:\Program Files\Splunk\etc\auth\splunkweb\cert.pem"

Any thoughts or ideas on howto fix would be greatly appreciated.

Cheers

Jim

0 Karma

deepashri_123
Motivator

Hey@westy74,

You can refer this link:
https://docs.splunk.com/Documentation/Splunk/latest/Security/Howtoself-signcertificates

Let me know if this helps!!!

0 Karma

renjith_nair
SplunkTrust
SplunkTrust

@westy74,

From the output, it looks like splunk is considering the path as relative and prefixing $SPLUNK_HOME value to the path. You could try providing relative path in the conf and try generating certificate. Once the certificates are generated, you may revert it in case it has an impact on other configurations.

Happy Splunking!
0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...