Our org has a small splunk setup. I am trying to secure the splunk with letsencrypt. I have the certs already and put them in /opt/splunk/etc/auth/certs path.
Lets encrypt issues the files as cert.pem, chain.pem, fullchain.pem and privkey.pem.
I pointed to the location of certs in both web.conf and server.conf under /opt/splunk/etc/system/local/ on indexer server and outputs.conf on forwarders.
But I am still getting the same error and forwarders don't forward any data.
... View more