product
service
- Simple Security Consulting [Consulting]
- Splunk SOAR Automation Assessment Service [Consulting]
- Dashboard/SPL Creation Pack [Implementation/Building Support]
- Version upgrade service [implementation and construction support]
- Splunk Premium Apps construction support service [implementation and construction support]
- Splunk Security Log Analysis Start Package [Original App/Service]
- Splunk × CrowdStrike Falcon Insight, Macnica Original App [Original App/Service]
- Government uniform standard compatible App [Original App/Service]
- Smart Security Monitoring App [Original App/Service]
- Splunk × LANSCOPE Original App [Original App/Service]
- Security Monitoring App for Box [Original App/Service]
- Cloud Security Monitoring App [Original App/Service]
- SIEM Operation Monitoring Service [Original App/Service]
- List of services
- Macnica Premium Support for Splunk (utilization support, version upgrade monitoring)
- Macnica Premium Support for Splunk Skill Up Package
Specifications/Technical Information
Application for evaluation machine
- FAQ
How to update SplunkWeb's default server certificate (cert.pem)
- release date
- 2019-08-29
- last updated
- 2019-08-29
- version
- Splunk Enterprise 7.2.5
- Overview
-
The expiration date of the server certificate (cert.pem) used by default when SSL (HTTPS) is used for SplunkWeb is three years after the date when the service is started for the first time after a new installation.
To renew the certificate, use one of the following methods.
- Method 1: Move the old certificate to another location and restart Splunk's service
- Method 2: Run the createssl command to renew the certificate and restart the Splunk service
- content
-
How to update
If the default server certificate (cert.pem) used by SplunkWeb with SSL (HTTPS) is about to expire, you can update the server certificate by following the steps below. There are two ways to update, please use one of them.
Please replace $SPLUNK_HOME in the following procedure with the Splunk installation directory.
*For default installation
<Linux>
$SPLUNK_HOME : /opt/splunk
<Windows>
$SPLUNK_HOME : C:\Program Files\splunk
Method 1
procedure
- Move the current cert.pem and privkey.pem under the $SPLUNK_HOME/etc/auth/splunkweb folder to a directory outside $SPLUNK_HOME.
- Restart the Splunk service.
command:$SPLUNK_HOME/bin/splunk restart
- After rebooting, make sure a new cert.pem is created in $SPLUNK_HOME/etc/auth.
Method 2
The key size of the certificate created by Method 1 is 2048bit. Use this procedure to change the key size
procedure
- Move the current cert.pem and privkey.pem under the $SPLUNK_HOME/etc/auth/splunkweb folder to a directory outside $SPLUNK_HOME.
- Execute the following command to renew the certificate.
command:
*3072 is the key size of the server certificate. If omitted, the key size will be the same as method 1.cd $SPLUNK_HOME/etc/auth/splunkweb
$SPLUNK_HOME/bin/splunk createssl web-cert 3072 - Restart the Splunk service.
command:
$SPLUNK_HOME/bin/splunk restart
- After reboot, make sure new cert.pem, privkey.pem are created in $SPLUNK_HOME/etc/auth/splunkweb.
that's all
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Mon-Fri 8:45-17:30