Splunk
  • README
  • Docs
    • OS Migration
    • Resources
    • SSL
    • Settings
  • Integrations
    • Cisco
    • Cloudflare
    • Crowdstrike Integrations with Splunk Enterprise and ES
    • JAVA for DB Connect app
    • Delinea
    • F5 BIG-IP
    • FortiGate
    • Microsoft Azure
    • Integration Netflow with Splunk
    • Splunk Mobile
    • Sysmon
    • Telegram
    • Tenable
    • Twilio SMS
    • VMware
  • SPL Queries
    • MISC
    • SPL Queries
  • Splunk Deployment
    • Apps & Addons
    • Firewall rules
    • Indexer cluster deployment
    • Splunk Deployment Specifications
    • Splunk Deployment
    • Splunk ES
    • Syslog-ng
    • Universal Forwarder
Powered by GitBook
On this page
  • DOCS
  • Default certificate renewal
  • Split a .pfx File into .pem and .key Files Using OpenSSL
  1. Docs

SSL

DOCS

How to prepare TLS certificates for use with the Splunk platform

Configure Splunk indexing and forwarding to use TLS certificates

Configure TLS certificates for inter-Splunk communication

Configure Splunk Web to use TLS certificates

Test and troubleshoot TLS connections

Default certificate renewal

WEB

export LD_LIBRARY_PATH=/opt/splunk/lib/:$LD_LIBRARY_PATH
export SPLUNK_HOME=/opt/splunk/
mkdir $SPLUNK_HOME/etc/auth/mycerts
cd $SPLUNK_HOME/etc/auth/mycerts
/opt/splunk/bin/openssl genrsa -aes256 -out myServerPrivateKey.key 2048
openssl req -new -key myServerPrivateKey.key -out myServerCertificate.csr
openssl x509 -req -in myServerCertificate.csr -sha512 -signkey myServerPrivateKey.key -CAcreateserial -out myServerCertificate.pem -days 3650
chown -R splunk:splunk /opt/splunk

nano /opt/splunk/etc/system/local/web.conf

[settings]
enableSplunkWebSSL = true
privKeyPath = /opt/splunk/etc/auth/mycerts/myServerPrivateKey.key
serverCert = /opt/splunk/etc/auth/mycerts/myServerCertificate.pem
sslPassword = password

SERVER

cd /opt/splunk/etc/auth
mv server.pem server.pem.bkp
chown -R splunk:splunk /opt/splunk
/opt/splunk/bin/splunk restart
openssl x509 -in server.pem -text

Link

Split a .pfx File into .pem and .key Files Using OpenSSL

The following command will generate a private key file without a password from your .pfx file (requires password):

openssl pkcs12 -in certificate.pfx -out privateKey.key -nocerts -nodes

The following command will generate a .pem certificate file from your .pfx file which will include any intermediate and root certificates that may be included in the .pfx file. (requires password):

openssl pkcs12 -in certificate.pfx -out certificate.pem -nokeys -clcerts

/opt/splunk/etc/auth

PreviousResourcesNextSettings

Last updated 6 months ago