KB 016 – Splunk – Setting up a CA signed certificate in Splunk

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 1

“c:\program files\splunk\bin\openssl” genrsa -des3 -out mySplunkWebPrivateKey.key 2048 -config “C:\Program Files\Splunk\openssl.cnf”

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 2

“c:\program files\splunk\bin\openssl” rsa -in mySplunkWebPrivateKey.key -out mySplunkWebPrivateKey.key

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 3

File has changed size (KEY has been removed)

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 4

“c:\program files\splunk\bin\openssl” rsa -in mySplunkWebPrivateKey.key -text

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 5

“c:\program files\splunk\bin\openssl” req -new -key mySplunkWebPrivateKey.key -out mySplunkWebCert.csr -config “C:\Program Files\Splunk\openssl.cnf”

KB 016 - Splunk - Setting up a CA signed certificate in Splunk

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 7

.csr file needs to be sent to a CA

Splunk - Setting up a CA signed certificate in Splunk 8

https://www.rapidsslonline.com/

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 9

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 10

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 11

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 12

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 13

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 14

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 15

Click GENERATE

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 16

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 17

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 18

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 19

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 20

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 21

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 22

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 23

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 24

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 25

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 26

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 27

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 28

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 29

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 30

Save the intermediate cert as myCA

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 31

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 32

Copy mySplunkWebCert.pem+myCACert.pem+mySplunkWebPrivateKey.key mySplunkServerCertificate

Copy the CA ROOT (download this from the CA) to CACert.pem (this is different from myCACert.pem which is actually the intermediate we got form the above”

KB 016 - Splunk - Setting up a CA signed certificate in Splunk 33

Edit local\server.conf

[sslConfig]

caCertFile = myCACertificate.pem

caPath = $SPLUNK_HOME\etc\auth\mycerts

sslKeysfile = mySplunkServerCErtificate.pem

sslKeysfilePassword = $1$lM4bAMo=

Download PDF version here