What are most people in the Splunksphere doing for ssl certs on their search heads? ARe you using the splunk generated certs or getting your own? If splunk generated, what is the best procedure to create the certs?
It's purely depends on your organization's requirement. Normally we use self signed for test environments and certificate from a valid cert authority for production instance to avoid the certificate warnings
For self generated certificate, you can start from https://docs.splunk.com/Documentation/Splunk/7.0.0/Security/Self-signcertificatesforSplunkWeb.
Further references : https://docs.splunk.com/Documentation/Splunk/7.0.0/Security/AboutsecuringauthenticationtoSplunkWeb