product
service
- Simple Security Consulting [Consulting]
- Splunk SOAR Automation Assessment Service [Consulting]
- Dashboard/SPL Creation Pack [Implementation/Building Support]
- Version upgrade service [implementation and construction support]
- Splunk Premium Apps construction support service [implementation and construction support]
- Splunk Security Log Analysis Start Package [Original App/Service]
- Splunk × CrowdStrike Falcon Insight, Macnica Original App [Original App/Service]
- Government uniform standard compatible App [Original App/Service]
- Smart Security Monitoring App [Original App/Service]
- Splunk × LANSCOPE Original App [Original App/Service]
- Security Monitoring App for Box [Original App/Service]
- Cloud Security Monitoring App [Original App/Service]
- SIEM Operation Monitoring Service [Original App/Service]
- List of services
- Macnica Premium Support for Splunk (utilization support, version upgrade monitoring)
- Macnica Premium Support for Splunk Skill Up Package
Specifications/Technical Information
Application for evaluation machine
- FAQ
SplunkWeb's default server certificate (cert.pem) expiration date and how to check
- release date
- 2019-08-29
- last updated
- 2024-03-04
- version
- Splunk Enterprise 9.1.2
- Overview
-
The expiration date of the server certificate (cert.pem) used by default when SSL (HTTPS) is used for SplunkWeb is three years after the date when the service is started for the first time after a new installation.
Learn how to renew a certificate.
- Method 1: Move the old certificate to another location and restart Splunk's service
- Method 2: Run the createssl command to renew the certificate and restart the Splunk service
- content
-
How to update
If the default server certificate (cert.pem) used when SSL (HTTPS) is enabled in SplunkWeb is nearing its expiration date, you can update the server certificate by following the steps below.
There are two ways to update your account. Please use one of them.
*$SPLUNK_HOME is the installation directory. By default, it is as follows:
<Linux>
Splunk Enterprise : /opt/splunk<Windows>
Splunk Enterprise : C:\Program Files\SplunkMethod 1
【procedure】
Copy the current cert.pem and privkey.pem under the $SPLUNK_HOME/etc/auth/splunkweb folder.
Change to a directory outside $SPLUNK_HOME.
Restart the Splunk service.
command:
$SPLUNK_HOME/bin/splunk restartAfter rebooting, make sure a new cert.pem is created in $SPLUNK_HOME/etc/auth.
Method 2
The key size of the certificate created by method 1 is 2048 bits.
If you want to change the key size, use this procedure.
【procedure】
Copy the current cert.pem and privkey.pem under the $SPLUNK_HOME/etc/auth/splunkweb folder.
Change to a directory outside $SPLUNK_HOME.
Execute the following command to update the certificate.
command:
cd $SPLUNK_HOME/etc/auth/splunkweb
$SPLUNK_HOME/bin/splunk createssl web-cert 3072*3072 is the key size of the server certificate.
If omitted, the key size will be the same as in method 1.
Restart the Splunk service.
command:
$SPLUNK_HOME/bin/splunk restartAfter reboot, make sure new cert.pem, privkey.pem are created in $SPLUNK_HOME/etc/auth/splunkweb.
that's all
In charge of Macnica Splunk Co., Ltd.
- TEL:045-476-2010
- E-mail:splunk-sales@macnica.co.jp
Mon-Fri 8:45-17:30
