I'm trying to configure SSL encryption for my Splunk Light VM instance.
Here is my web.conf file:
[settings]
enableSplunkWebSSL = 1
httpport = 443
privKeyPath = <$SPLUNK_HOME/etc/auth/omniCerts/splunk.lab.omni.key>
serverCert = <$SPLUNK_HOME/etc/auth/omniCerts/splunk.lab.omni.pem>
Both .key and .pem file are owned by splunk:splunk and have read priv for all. I followed the instructions at (http://wiki.splunk.com/Community:SplunkWeb_SSL_SelfSignedCert_NewRootCA), except for the actual generation and signing of the cert. I have my own Internal CA that I issued the splunk cert with. I created the .pem file by concatenating the splunk.lab.omni.crt file with my CA's .crt file (server first, then root CA).
I dont have enough karma to attach files, so if you want my web_services.log file, I'm not sure how to show it other than a big messy post. I don't see any errors. It acknowledges my .pem and .key files. When I restart splunk, everything passes except at the end it hangs at "Waiting for web server at https://127.0.0.1:443 to be available.." Web access times out, and netstat shows a "CLOSE_WAIT" as the status of my attempted connection.
Any idea what is wrong??
... View more