Splunk® Enterprise

Securing Splunk Enterprise

Download manual as PDF

Download topic as PDF

About using SSL tools on Windows and Linux

This manual describes how to configure Splunk deployments to use default, self-signed, or Certificate Authority signed certificates. For those who may not have certificates, we also provide simple examples for generating the certificates and keys using the command line and a version of OpenSSL that is packaged with Splunk software.

Using the OpenSSL command-line examples

This manual provides a few basic examples for creating certificates using the Splunk version of OpenSSL in the command line. In order to perform these tasks you must have root administrator permissions. If you are working on a remote or virtual machine, you may have to take an extra step to ensure that you are able to perform all tasks:

  • When working on a Windows platform, you may need to open the command line as the administrator: In the Start Menu, right click the .exe application and select run as administrator.
  • When working on a *nix platform, you might need to use sudo to log in as the root administrator.

For more information about the differences between Windows and *nix, see the Administration Guide.

About SSL tools

Splunk software ships with a recent version of OpenSSL at $SPLUNK_HOME/splunk/lib. For 6.0, Splunk supports OpenSSL with FIPS 140-2 enabled.

A variety of other SSL tools are available for purchase and download that you can use to create and set up certificates. If you do choose to use OpenSSL for certificate configuration, we strongly recommend that you use the version that ships with Splunk to avoid compatibility issues. To make sure that you are using the version provided with Splunk software, set your environment to the version in $SPLUNK_HOME/splunk/lib or $SPLUNK_HOME\splunk\bin for Windows:

The following is an example of the library path for *nix:

 export LD_LIBRARY_PATH=$SPLUNK_HOME/splunk/lib

The following is an example of the path for Windows (using the command prompt):

set PATH = %PATH%;%SPLUNK_HOME%\bin
PREVIOUS
About securing Splunk Enterprise with SSL
  NEXT
Set your SSL version

This documentation applies to the following versions of Splunk® Enterprise: 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.0.14, 6.0.15, 6.1, 6.1.1, 6.1.2, 6.1.3, 6.1.4, 6.1.5, 6.1.6, 6.1.7, 6.1.8, 6.1.9, 6.1.10, 6.1.11, 6.1.12, 6.1.13, 6.1.14, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.2.10, 6.2.11, 6.2.12, 6.2.13, 6.2.14, 6.2.15, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.10, 6.4.11, 6.5.0, 6.5.1, 6.5.1612 (Splunk Cloud only), 6.5.2, 6.5.3, 6.5.4, 6.5.5, 6.5.6, 6.5.7, 6.5.8, 6.5.9, 6.5.10, 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 6.6.5, 6.6.6, 6.6.7, 6.6.8, 6.6.9, 6.6.10, 6.6.11, 6.6.12, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.0.10, 7.0.11, 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.3.0, 7.3.1, 7.3.2, 8.0.0


Comments

To make sure you use the right openssl-binary, i.e. e.g. /opt/splunk/bin/openssl place the named bin-directory prior to the "normal" bin-directory (/bin or /usr/bin). So you could set in your .bash_profile:

export PATH=/opt/splunk/bin:$PATH

instead of doing it the other way round (do not: PATH=$PATH:/opt/splunk/bin)

Rvany
October 18, 2017

there's a little typo : $SPLUNK_HOME/splunk/lib should be $SPLUNK_HOME/lib (as in /opt/splunk/lib)

Maraman splunk, Splunker
May 27, 2016

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters