Following is the error after i update web.conf with certificate and keys i have from a CA authority.
Splunk> CSI: Logfiles.
Checking prerequisites...
Checking http port [8000]: open
Checking mgmt port [8089]: open
Checking appserver port [127.0.0.1:8065]: open
Checking kvstore port [8191]: open
Checking configuration... Done.
Checking critical directories... Done
Checking indexes...
Validated: _xxxxxx
Done
Checking filesystem compatibility... Done
Checking conf files for problems...
Done
Checking default conf files for edits...
Validating installed files against hashes from '/opt/splunk/splunk-7. 2.3-06d57c595b80-linux-2.6-x86_64-manifest'
File '/opt/splunk/etc/system/default/web.conf' changed.
Problems were found, please review your files and move customizations to local
All preliminary checks passed.
+++ FIX +++
Issue was fixed by copying certificate files to mycert directory i.e default directory with splunk installation. for my case opt/splunk/etc/auth directory, and use the relative path in config file rather than absolute.
↧