Documentation > Splunk > Admin Manual > Enable HTTPS

Admin Manual

 


About the Splunk Admin Manual
How Splunk Works
Getting Started
Data Inputs
Data Distribution
Indexing
Timestamps
Fields
Hosts
Source Types
Event Types
Transaction Types
Search
Distributed Search
Alerts
Security
Data Management
Deployment Server
Performance Tuning
Configuration Files
Applications
Reference
Troubleshooting

Enable HTTPS

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

Enable HTTPS

You can enable HTTPS via Splunk Web or web.conf.


Note: Your Splunk server can listen on either HTTP or HTTPS. It cannot listen on both.


You can also enable SSL through separate configurations.


Important: If you are using Firefox 3, enabling SSL for a Splunk deployment may result in an "invalid security exception" being displayed in the browser. Refer to this workaround documentation for more information.


Configuration

In Splunk Web

To enable HTTPS in Splunk Web, click the Admin link in the upper right hand corner. Then, click Server and choose View Settings. Under Web interface, change the radio button to Yes for Enable SSL (HTTPS) in Splunk Web?


Note: You must restart Splunk to enable the new settings. Also, you must now append "https://" to the URI you use to access Splunk Web.


In web.conf

In order to enable HTTPS, modify web.conf. Edit this file in $SPLUNK_HOME/etc/system/local/, or your own custom application directory in $SPLUNK_HOME/etc/apps/. For more information on configuration files in general, see how configuration files work. 


[settings]
httpport = <port number>
enableSplunkWebSSL = true

Once you have made the changes to web.conf restart your Splunk server to read the new changes in.


Certificates

The certificates used for SSL between Splunk Web and the client browser is located in $SPLUNK_HOME/share/splunk/certs/. You can replace the self-signed default certificate with your own.


The certificates for SSL are specified in web.conf. You can change the defaults to your own certificate names. 


privKeyPath = /certs/privkey.pem
caCertPath = /certs/cert.pem

Restart Splunk Web from the CLI for your changes to take effect. To use Splunk's CLI, navigate to the $SPLUNK_HOME/bin/ directory and use the ./splunk command. You can also add Splunk to your path and use the splunk command. 


./splunk restart splunkweb

If your self-signed certificate for Splunk Web expires, you can generate a new one by deleting cert.pem and privkey.pem in $SPLUNK_HOME/share/splunk/certs/.

Retrieved from "http://docs.splunk.com/Documentation/Splunk/3.4.9/Admin/EnableHTTPS"

This documentation applies to the following versions of Splunk: 3.3 , 3.3.1 , 3.3.2 , 3.3.3 , 3.3.4 , 3.4 , 3.4.1 , 3.4.2 , 3.4.3 , 3.4.5 , 3.4.6 , 3.4.8 , 3.4.9 , 3.4.10 , 3.4.11 , 3.4.12 , 3.4.13 , 3.4.14 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!