I have an SSL cert signed by a third-party CA. I point to it in the in the web.conf file (caCertPath=/certs/cert.pem), restart splunkweb and connect via https://server:8000. I can see my cert file is being read, but the connection is untrusted because I haven't installed the intermediate cert file anywhere. HOW/WHERE do I install the intermediate cert?
Hi Matt,
This should work, based on my reading of the Python SSL stuff in Python 2.6 w/ Cherrypy (which is what sits under mrsparkle)
Put both your intermediate cert and your issued cert in the cert.pem file, one after the other. Borrowing from the python docs:
-----BEGIN CERTIFICATE-----
... (certificate for your server)...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
... (the intermediate certificate)...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
... (the root certificate for the CA)...
-----END CERTIFICATE-----
If you don't have the root cert I don't think it is strictly necessary, as the client's browser should have it.
Hi Matt,
This should work, based on my reading of the Python SSL stuff in Python 2.6 w/ Cherrypy (which is what sits under mrsparkle)
Put both your intermediate cert and your issued cert in the cert.pem file, one after the other. Borrowing from the python docs:
-----BEGIN CERTIFICATE-----
... (certificate for your server)...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
... (the intermediate certificate)...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
... (the root certificate for the CA)...
-----END CERTIFICATE-----
If you don't have the root cert I don't think it is strictly necessary, as the client's browser should have it.
What about using Apache in front of Splunkweb. I would very much recommend it. There are other solutions on answers using Mod_proxy in Apache to do this.