-
Print
-
DarkLight
-
PDF
On-Premises Insights (IOP 3.X) - SSL
-
Print
-
DarkLight
-
PDF
The default installation does not include SSL.
However, implementing SSL is simple and recommended.
Follow the following steps:
Secure the Web with your own certificate
This example assumes that you already generated self-signed certificates or purchased third-party certificates. If you have not done this and are unsure how to proceed, we've provided some simple examples:
IOP currently does not support password-protected private keys. You should remove the password from your key before configuring IOP for the certificate.
Before you begin: Copy your certificates to a new folder
Copy the server certificate to $IOP_HOME/etc/auth/splunkweb
or to your own certificate repository in $IOP_HOME/etc/auth
.
In the following example, our web certificate is called myIOPCertificate.pem
and our private key is called myIOPPrivateKey.key
:
*nix:
# cp $IOP_HOME/etc/auth/mycerts/myIOPCertificate.pem $IOP_HOME/etc/auth/mycerts/myIOPPrivateKey.key $IOP_HOME/etc/auth/splunkweb
Windows:
copy $IOP_HOME\etc\auth\mycerts\myIOPCertificate.pem $IOP_HOME\etc\auth\splunkweb\copy $IOP_HOME\etc\auth\mycerts\myIOPPrivateKey.key $IOP_HOME\etc\auth\splunkweb\
Do not overwrite or delete the existing certificates located in $IOP_HOME/etc/auth/splunkweb/
. The certificates at this location are automatically generated upon startup, meaning that any changes you make will be overwritten at startup. Instead, in the next steps, we will rewrite the relevant configuration file to point to your new certificate location.
Configure IOP to use the key and certificate files
IOP does not support passwords for private keys, so you must remove the password from the key before using the key to secure Web.
- In
$IOP_HOME/etc/system/local/web.conf
(or any other applicable location, if you are using a deployment server), make the following changes to the[settings]
stanza. The file paths can be set either using relative or absolute paths. Both of the following examples are equivalent if $IOP_HOME is set to d:/myroot/home.
The following is an example of an edited settings stanza using a path relative to
$IOP_HOME:
[settings]
# Example of using path relative to $IOP_HOME
enableSplunkWebSSL = true
privKeyPath = etc/auth/mycerts/mySplunkWebPrivateKey.key
serverCert = etc/auth/mycerts/mySplunkWebCertificate.pem
The following is an example of an edited settings stanza using a path relative to
$IOP_HOME:
[settings]
# Example of using absolute path enableSplunkWebSSL = true
privKeyPath=d:/myroot/home/etc/auth/mycerts/mySplunkWebPrivateKey.key
serverCert=d:/myroot/home/etc/auth/mycerts/mySplunkWebCertificate.pem
- Restart the service: # $IOP_HOME/bin/splunk restart splunk service
- To change the Console URL to open as https (instead of http), go to the On-Prem server > Open the regedit.exe Change the UseSSL to 1 under the HKEY_LOCAL_MACHINE\SOFTWARE\Smart-X\ControlUpServer\IOP