product
- Why choose Splunk
- Installation record
- price
- Splunk Enterprise Security
- Splunk Phantom (SOAR)
- Splunk ITSI (Next Generation IT Operations)
- Splunk Observability Cloud
- Splunk UBA
- Macnica CSIRT App Basic
- App for Splunk for Financial Institutions
- Splunk Analytics for Hadoop
- About Apps
- Splunk Edge Hub
- What is Splunk
service
- Dashboard/SPL Creation Pack [Implementation/Building Support]
- Version upgrade service [implementation and construction support]
- Smart Security Monitoring App [Original App/Service]
- Splunk × LANSCOPE Original App [Original App/Service]
- Security Monitoring App for Box [Original App/Service]
- Cloud Security Monitoring App [Original App/Service]
- List of services
- Macnica Premium Support for Splunk (utilization support, version upgrade monitoring)
Specifications/Technical Information
Application for evaluation machine
- FAQ
How to update SplunkWeb's default server certificate (cert.pem)
- release date
- 2019-08-29
- last updated
- 2024-01-11
- version
- Splunk Enterprise 9.1.2
- Overview
-
The expiration date of the server certificate (cert.pem) used by default when SSL (HTTPS) is used for SplunkWeb is three years after the date when the service is started for the first time after a new installation.
To renew the certificate, use one of the following methods.
- Method 1: Move the old certificate to another location and restart Splunk's service
- Method 2: Run the createssl command to renew the certificate and restart the Splunk service
- content
-
How to update
If the default server certificate (cert.pem) used by SplunkWeb with SSL (HTTPS) is about to expire, you can update the server certificate by following the steps below. There are two ways to update, please use one of them.
Please replace $SPLUNK_HOME in the following procedure with the Splunk installation directory.
*For default installation
<Linux>
$SPLUNK_HOME : /opt/splunk<Windows>
$SPLUNK_HOME : C:\Program Files\splunkMethod 1
procedure
- Move the current cert.pem and privkey.pem under the $SPLUNK_HOME/etc/auth/splunkweb folder to a directory outside $SPLUNK_HOME.
- Restart the Splunk service.
command:$SPLUNK_HOME/bin/splunk restart - After rebooting, make sure a new cert.pem is created in $SPLUNK_HOME/etc/auth.
Method 2
The key size of the certificate created by Method 1 is 2048bit. Use this procedure to change the key size
procedure
- Move the current cert.pem and privkey.pem under the $SPLUNK_HOME/etc/auth/splunkweb folder to a directory outside $SPLUNK_HOME.
- Execute the following command to renew the certificate.
command:
*3072 is the key size of the server certificate. If omitted, the key size will be the same as method 1.cd $SPLUNK_HOME/etc/auth/splunkweb
$SPLUNK_HOME/bin/splunk createssl web-cert 3072 - Restart the Splunk service.
command:
$SPLUNK_HOME/bin/splunk restart - After reboot, make sure new cert.pem, privkey.pem are created in $SPLUNK_HOME/etc/auth/splunkweb.
that's all
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Weekdays: 9:00-17:00
