Splunk – Setting up a CA signed certificate in Splunk

Splunk – Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

“c:\program files\splunk\bin\openssl” genrsa -des3 -out mySplunkWebPrivateKey.key 2048 -config
“C:\Program Files\Splunk\openssl.cnf”

Setting up a CA signed certificate in Splunk

“c:\program files\splunk\bin\openssl” rsa -in mySplunkWebPrivateKey.key -out mySplunkWebPrivateKey.key

Setting up a CA signed certificate in Splunk

File has changed size (KEY has been removed)

Setting up a CA signed certificate in Splunk

“c:\program files\splunk\bin\openssl” rsa -in mySplunkWebPrivateKey.key-text

Setting up a CA signed certificate in Splunk

“c:\program files\splunk\bin\openssl” req -new -key mySplunkWebPrivateKey.key -out mySplunkWebCert.csr-config “C:\Program Files\Splunk\openssl.cnf”

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

.csr file needs to be sent to a CA

Setting up a CA signed certificate in Splunk

https://www.rapidsslonline.com/

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Click GENERATE

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Save the intermediate cert as myCA

Setting up a CA signed certificate in Splunk

Setting up a CA signed certificate in Splunk

Copy mySplunkWebCert.pem+myCACert.pem+mySplunkWebPrivateKey.key mySplunkServerCertificate

Copy the CA ROOT (download this from the CA) to CACert.pem (this is different from myCACert.pem which is actually the intermediate we got form the above”

Setting up a CA signed certificate in Splunk

Edit local \ server.conf
[sslConfig]
caCertFile = myCACertificate.pem
caPath = $SPLUNK_HOME \ etc \ auth \ mycerts
sslKeysfile = mySplunkServerCErtificate.pem
sslKeysfilePassword = $1$lM4bAMo=

Download PDF version here