cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
AxelPersinger
Explorer
Member since: ‎09-08-2020
‎09-10-2020
Community Statistics
Posts 3
Solutions 1
Karma Given 1
Karma Received 4
Member Since ‎09-08-2020
Activity Feed
View All

Re: Securing Splunk HEC with LetsEncrypt

by in Security
‎09-09-2020 04:43 AM
3 Karma
‎09-09-2020 04:43 AM
3 Karma
I got it to work with LetsEncrypt!  From inside the LetsEncrypt directory (probably something like /etc/letsencrypt/live/<site>/) openssl pkcs8 -topk8 -inform PEM -outform PEM -in privkey.pem -out privkey.enc.pem # Will prompt for password cat cert.pem >> hec.pem cat privkey.enc.pem >> hec.pem cat chain.pem >> hec.pem   Then copy the hec.pem to your desired location, and change the inputs.conf like you said earlier! ... View more

Re: Securing Splunk HEC with LetsEncrypt

by in Security
‎09-09-2020 04:20 AM
‎09-09-2020 04:20 AM
Hi @thambisetty , this looks like a great reference! My question is if I can create this with the Let'sEncrypt generated certificates, that way my HEC will be trusted by everyone? I don't want to have to also manage certificates if possible. ... View more

Securing Splunk HEC with LetsEncrypt

by in Security
‎09-08-2020 06:15 PM
‎09-08-2020 06:15 PM
Hi all! I'm trying to enable SSL for my HEC ingestor on a small, centralized Splunk Enterprise deployment. I used Let'sEncrypt to generate the certificates for the Splunk Web interface, as it's trusted by everyone. I'm tying to configure HEC to use the same certificates, but I'm having no luck in doing so. I tried following all the guides/questions on this board for securing HEC using certs, but I'm not sure which .pem files to use, if I have to encrypt them with an additional password, etc.    Thanks! ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎09-10-2020 07:45 AM
Karma from
Karma given to
View All