This documentation does not apply to the most recent version of Splunk® DB Connect.
For documentation on the most recent version, go to the latest release.
Configure Splunk DB Connect to support requireClientCert=true
Follow the instructions below to allow DB Connect to provide a client certificate while communicating with Splunk components.
- Set
requireClientCert=falsein$SPLUNK_HOME/etc/system/local/server.conf - Use cert.pem and privkey.pem from
$SPLUNK_HOME/etc/auth/splunkweb, or generate a new Private Key and Certificate signed by the CA under$SPLUNK_HOME/etc/auth/ca.pem - Copy cert.pem and privkey.pem to
$SPLUNK_HOME/etc/apps/splunk_app_db_connect/certs. Note that we use a naming convention, we expect the certificate and private key to be named cert.pem and privkey.pem. - Open Splunk DB Connect and navigate to
Configuration > Settings > Keystore, click New Client Certificate and then copy the content from cert.pem to Certificate field and the content from privkey.pem (in PKCS8 format) to Private Key field, then click Save. - Verify privkey.pem is in PKCS8 format:
PKCS8 contains a header as
BEGIN PRIVATE KEYand PKCS1 asBEGIN RSA PRIVATE KEY - Convert privkey.pem to PKCS8 if needed using
$SPLUNK_HOME/bin/splunk cmd openssl pkcs8 -topk8 -inform PEM -outform PEM -nocrypt -in privkey.pem -out privkey-pkcs8.pem - Set
requireClientCert=truein$SPLUNK_HOME/etc/system/local/server.conf - Restart Splunk.
Last modified on 24 July, 2024
| Configure Splunk DB Connect settings | Configure Splunk DB Connect security and access controls |
This documentation applies to the following versions of Splunk® DB Connect: 3.16.0, 3.17.0, 3.17.1, 3.17.2
Download manual
Feedback submitted, thanks!