Hey Splunkers,
This maybe less of a question and more of a comment. The "Configure Splunk forwarding to use signed certificates" documentation states you should configure:
sslPassword = The password for the CAcert
Obviously your not going to put the CA's secret password on a forwarder. I assume the intention is to say you would put the forwarder's certificate password here as entered by the CA when creating the cert. I believe this is poor verbiage.
In a related note - should you set a challenge password for this cert?
https://docs.splunk.com/Documentation/Splunk/7.2.5/Security/ConfigureSplunkforwardingtousesignedcertificates
↧