Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to configure SSL certificate to recognize mutliple DNS names for one splunk server?

emixam3
Explorer
‎06-15-2016 01:04 AM

Hi,
I made certificates from external CA for all my splunk servers, and that works! No problem, splunk documentation is very clear on it.
I use OpenSSL.
My problem is that my servers have two or more DNS names. For example, server1.domain.com and web.domain.com for the same server.
When I made the server certificate just for server1.domain.com, that works.
Same thing, of course, with web.domain.com.
But when I made the server certificate for both, with server1.domain.com in commonName field and web.domain.com in subjectAltName field, as OpenSSL documentation says, I've got and error in my browser if I navigate to web.domain.com. It says that the certificate is made for server1.domain.com.
How can I do for my certificate working for both dns name?

I hope I'm quite clear in my explanations, english is not my native language.

Thanks for all.

0 Karma
Reply

JasonParms
New Member
‎06-17-2016 01:50 AM

For creating your own certificate with OpenSSL, you should specify the "Common Name" *.example.com instead of server1.example.com or web.example.com while generating the certificate signing request (CSR). It will secure your all sub-domains under the example.com.

It is recommended to use trusted CA signed certificate for reduce the risk from future cyber attacks.

0 Karma
Reply

scruse
Path Finder
‎06-15-2016 10:33 AM

if i remember correctly from when i did my SSL config, subjectAltName was deprecated from the config within splunk. What i ended up doing is just going wildcard cert for all of my splunk instances. May not be the best solution but it works flawlessly

Reply

emixam3
Explorer
‎06-15-2016 11:24 PM

OK.
Have you got some documentation about subjectAltName deprecation?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...