How to use Splunk rest api in secure mode

Nagarajv · ‎02-21-2019

I started exploring splunk ReST API and I'm using postman to test them.
Splunk Rest api is throwing error if SSL verification is turned on in postman.

Settings

Error

If i turn SSL certificate verification off, i'm getting the response from splunkd
Request
https://localhost:8089/services/auth/login
Response
"{
"sessionKey": "ezeocaLe6jyO4BiVwBsKDhDxEvmXi10rg9L0jYJrTzTx_XdFM_4Xsd3zupypHZn8QxCHVtffg9^Mt05dcl_lyIzE7puXrP9DbXSNriYp",
"message": "",
"code": ""
}"

harsmarvania57 · ‎02-22-2019

Hi,

By default Splunk use their own signed certificate with management port (8089), so to send request in secure mode you can configure Splunk management port with self-signed certificate or third party certificate, if you do not want to configure self-signed certificate or third party certificate then import Splunk CA from $SPLUNK_HOME/etc/auth/ to your browser if you are using POSTMAN Chome App, have a look at Postman Docs http://blog.getpostman.com/2014/01/28/using-self-signed-certificates-with-postman/

If you want to configure self-signed certificate in this case as well you need to import root CA in your browser Trusted Certificate store.

How to use Splunk rest api in secure mode

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!