8/11/2023 0 Comments Splunk ssl certificate![]() ![]() There is no feasible way to work backward if you cannot find the matching key for your certificate. Otherwise you will just have to generate a new key (or use an existing key), create a new CSR from it, and request a new certificate to match the new key. You might be able to locate a match that way, if you can remember the date of generating the original request. I would search the whole of ~splunk/etc/ for. ![]() the local administrator can alter the location in web.conf), the default location for your web certificates is: I never used Splunk to create the initial request, so I'm not sure where the procedure is that you followed, but an error like this essentially derives from human error.Īlthough it is configuration dependent (i.e. When certificates were altered for Splunk I replaced them and altered the configuration to match manually. My previous role required managing SSL certificates for multiple hosts and services, so there were standard processes for generating keys, CSRs and resultant certificates externally. Either the Key you now have is not the key which against which the original CSR was created, or the certificate you have was not generated from the CSR you provided. (This is what your checker will have done.)Īs to how this comes about, quite simply the key and the certificate have been muddled. OpenSSL provides a commandline tool for generating the fingerprint of both the certificate and the key, and they should match. That was what I was getting at when I suggested you check the fingerprint of the key and the certificate. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |