Splunk not taking updated certificate (SSL)

nawazns5038 · ‎01-18-2019

Hi,

The search head cluster uses our own certificates which are going to expire soon. So in order to update the certificates I have pushed the certs through the deployer and updated the SSL Password in server.conf and outputs.conf and the search heads restarted and everything is working fine without errors . But the certificates have not been updated. UI still shows the old certificate and I have checked the expiry through CLI as well. It shows the old certificate. The new certificates have been pushed in the backend.

What could be the reason ?? Anything that I have missed ?

I have double checked using btool , and the certs are pointing towards the right direction .

One thing I observed is that $SPLUNK_HOME is not set on the splunk-launch.conf file . Is that a problem ??

johnansett · ‎03-23-2022

Hello! Did you get this working? I am having the same issue - the privKeyPath and serverCert show up correctly when I run btool, but it still seems to be using the old self signed certs.....

MoniM · ‎01-18-2019

Hi @nawazns5038 ,

Have you gone through the below settings in web.conf ?

https://docs.splunk.com/Documentation/Splunk/7.2.3/Security/SecureSplunkWebusingasignedcertificate#C...

Splunk not taking updated certificate (SSL)

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!