TLS Certificate Configuration
If the computer on which you're running the Splunk ODBC Driver is across a firewall from the Splunk Enterprise server, Splunk recommends that you instruct the driver to verify a signed certificate upon connection with the server. To do this, install a valid certificate for the management port on your Splunk Enterprise server, and enable the Verify Server SSL Certificate option in the driver.
Be aware that if you instruct the driver to verify a signed certificate, you must configure a TLS certificate on the Splunk Enterprise server. (The default self-signed certificate is not sufficient.) Not configuring a certificate on the Splunk Enterprise server causes the connection to fail.
Note: Splunk ODBC Driver 2.1.0 and later supports only Transport Layer Security (TLS) version 1.2. SSL is no longer supported.
To set up this functionality:
- On the Splunk Enterprise server, configure one or more certificates.
- Point splunkd (the Splunk Enterprise back-end) to your certificate files by editing server.conf. Here's an example of an edited sslConfig stanza:
[sslConfig] enableSplunkdSSL = true sslKeysfile = server.pem sslKeysfilePassword = password caCertFile = cacert.pem caPath = $SPLUNK_HOME/etc/auth
- On the computer on which you've installed the Splunk ODBC Driver, follow the instructions in "Configuration" to open the Splunk ODBC Connection Options window.
- Check the box next to Verify Server SSL Certificate.
Note: Do not set requireClientCert to true in server.conf. The Splunk ODBC Driver does not use an SSL client certificate, so this setting causes the connection to fail.
Proxy Server Configuration
Load Balancer Configuration
This documentation applies to the following versions of Splunk® ODBC Driver: 2.1.0, 2.1.1