Hello Splunkers!!
I want to work Splunk on https. I am using windows server.
How to generate certificate in Splunk and Trustore in some easy steps available?
I followed below document but not giving any good results.
https://docs.splunk.com/Documentation/Splunk/9.2.1/Security/Howtoself-signcertificates
Hi @uagraw01,
this is the procedure to generate a certificate or to add an external certificate, but you have also to enable the https on web and you can do it in [Settings > Server Settings > general Settings].
If you want to use a self signed certificate, you don't need to create a new one because Splunk uses its own certificate for the internal management communications; you need only to enable https connection as I described.
Ciao.
Giuseppe
Hi @uagraw01 ,
The connection is using a self signed certificate.
So, if the website doesn’t have a thir party certificate, the “HTTPS Not Secure” Message in Chrome will appear, even if you have a certificate.
You can solve the issue using a third party certificate or enabling your browser to recognize this certificate as well.
Ciao.
Giuseppe
@gcusello I have used below commands to generate various certificates and adjust web.conf also. But still the connection is not secure.
D:\Splunk\bin\splunk" cmd openssl genrsa -aes256 -out mySplunkWebPrivateKey.key 2048
"D:\Splunk\bin\splunk" cmd openssl rsa -in mySplunkWebPrivateKey.key -out mySplunkWebPrivateKey.key
"D:\Splunk\bin\splunk" cmd openssl rsa -in mySplunkWebPrivateKey.key -text
"D:\Splunk\bin\splunk" cmd openssl req -new -key mySplunkWebPrivateKey.key -out mySplunkWebCert.csr
"D:\Splunk\bin\splunk" cmd openssl x509 -req -in mySplunkWebCert.csr -CA myCACertificate.pem -CAkey myCAPrivateKey.key -CAcreateserial -out mySplunkWebCert.pem -days 1095
"D:\Splunk\bin\splunk" cmd openssl x509 -req -in mySplunkWebCert.csr -CA myCACertificate.pem -CAkey myCAPrivateKey.key -CAcreateserial -out mySplunkWebCert.pem -days 1095
type mySplunkWebCert.pem myCACertificate.pem > mySplunkWebCertificate.pem
web.conf
[settings] enableSplunkWebSSL = true privKeyPath = /opt/splunk/etc/auth/mycerts/mySplunkWebPrivateKey.key serverCert = /opt/splunk/etc/auth/mycerts/mySplunkWebCertificate.pem