Hi Joe, do you know about certificates purchased and managed through ACM (Amazon Certificate manager)? How can I perform the steps you did at time 4:01 in that case or am I missing something here? Thanks for the wonderful video btw 👍
Thank you Chakresh! I'm not familiar with that service, but if you're able to, either upload the CA certificate or the actual certificate into your browser's trusted store as a workaround.
@@joeabrah I was trying different ways to make this work but it has been a frustrating exercise. I tried configuring it using self signed certificate and when I restart the server, it doesn't show up any error on the logs but when I hit the URL the browser just keeps on loading and finally times-out. Not sure where I am making mistake.
Good video. I just feel like you left out some important details concerning the Microsoft AD CS and how that works. It is not easy to install from what I am reading? What other alternatives would you suggest if we do not have Microsoft AD CS installed?
Thank you! The video's scope wasn't intended to show the AD CS side but a future video is a great idea for that! As an alternative, there are other services, or you could use a Linux-based CA to try.
Hey Joe, this video is useful to me. I followed the steps and certificate expiry date was extended but still on browser URL it shows Not Secure. (Certificate is invalid). Please tell me what the reason is behind.
Hello. If you're using a certificate that's not traditionally trusted by your browser (such as a locally generated certificate from a CA), then you'll need to upload the Splunk certificate or the CA certificate to the trust store for the browser or device, depending on which is relevant for your situation.
Hi Ankit, I believe the process for this would be a very similar process for HEC. Here's a community page that covers the configuration for it: community.splunk.com/t5/Security/Tcp-data-input-and-ssl/m-p/518529#M11769 I don't have HEC setup in my lab currently to test right now.
Hi Joe. a quick question. I have 10 Splunk instances and I wonder if I have to generate the private keys and follow the processes for all of them if I want to allow the user to access them
Hi Jay. Are these single instances or are they part of a cluster? The docs here might help you out but if this doesn't answer your question, please feel free to email me at joe@defendthenet.com to give a little more context.
@@joeabrah Hi Joe. Thanks for the reply and wondering if you have the link for the doc you mentioned and if you have doc or video on how to create secure connections with LDAP. Cheers
Sorry about that! I forgot to add the link. Here it is: docs.splunk.com/Documentation/Splunk/8.2.2/Security/AboutsecuringyourSplunkconfigurationwithSSL I don’t have a doc on that but that is a great idea for one!
Thanks for posting the video. Does any one know how to enable SSL for make api calls via Java SDK? I keep getting PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
Splunk certificate use states that it requires the private key to have no password, as shown in the documentation here: docs.splunk.com/Documentation/Splunk/8.1.3/Security/Thingstoknowaboutyourcertificates
The Splunk documentation sure made this process look a lot harder than it was. Thanks for posting this.
Thanks Abraham
Thank you so much !!
Followed this on a Windows server with Splunk but cannot get the SSL to show secure always mentions SAN Name message on site.
Great video keep doing ssl videos!!
Thank you very much! Very helpful
great job it was very helpful
Hi Joe, do you know about certificates purchased and managed through ACM (Amazon Certificate manager)? How can I perform the steps you did at time 4:01 in that case or am I missing something here? Thanks for the wonderful video btw 👍
Thank you Chakresh! I'm not familiar with that service, but if you're able to, either upload the CA certificate or the actual certificate into your browser's trusted store as a workaround.
@@joeabrah I was trying different ways to make this work but it has been a frustrating exercise. I tried configuring it using self signed certificate and when I restart the server, it doesn't show up any error on the logs but when I hit the URL the browser just keeps on loading and finally times-out. Not sure where I am making mistake.
@@chakreshbhandari4583 Hi Chakresh, were you able to upload the certificate into the browser or computer's trust store?
Good video. I just feel like you left out some important details concerning the Microsoft AD CS and how that works. It is not easy to install from what I am reading? What other alternatives would you suggest if we do not have Microsoft AD CS installed?
Thank you! The video's scope wasn't intended to show the AD CS side but a future video is a great idea for that! As an alternative, there are other services, or you could use a Linux-based CA to try.
can you do one on ingest AWS cloud trail or vpc flow logs?
Hey Joe, this video is useful to me. I followed the steps and certificate expiry date was extended but still on browser URL it shows Not Secure. (Certificate is invalid). Please tell me what the reason is behind.
Hello. If you're using a certificate that's not traditionally trusted by your browser (such as a locally generated certificate from a CA), then you'll need to upload the Splunk certificate or the CA certificate to the trust store for the browser or device, depending on which is relevant for your situation.
Hey Joe, how would I add the certificate for HEC or port 8088? I have added a certificate for web UI but 8088 default to self-signed cert.
Hi Ankit, I believe the process for this would be a very similar process for HEC. Here's a community page that covers the configuration for it: community.splunk.com/t5/Security/Tcp-data-input-and-ssl/m-p/518529#M11769
I don't have HEC setup in my lab currently to test right now.
Hi Joe. a quick question. I have 10 Splunk instances and I wonder if I have to generate the private keys and follow the processes for all of them if I want to allow the user to access them
Hi Jay. Are these single instances or are they part of a cluster? The docs here might help you out but if this doesn't answer your question, please feel free to email me at joe@defendthenet.com to give a little more context.
@@joeabrah Hi Joe. Thanks for the reply and wondering if you have the link for the doc you mentioned and if you have doc or video on how to create secure connections with LDAP. Cheers
Sorry about that! I forgot to add the link. Here it is: docs.splunk.com/Documentation/Splunk/8.2.2/Security/AboutsecuringyourSplunkconfigurationwithSSL
I don’t have a doc on that but that is a great idea for one!
@@joeabrah Thank you so much Joe. I really appreciate your help
@@kostralian No problem at all!
Thanks for posting the video. Does any one know how to enable SSL for make api calls via Java SDK? I keep getting PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I am wondering why no need to put private key password in splunk config.
Splunk certificate use states that it requires the private key to have no password, as shown in the documentation here: docs.splunk.com/Documentation/Splunk/8.1.3/Security/Thingstoknowaboutyourcertificates