Topics on this page

Configure a CA certificate using the CLI

If you require CA certificate validation, you can use the CLI to add the certificate. Make sure you add the CA certificate before you configure your Splunk server.


NOTE

Use only the Network Security interface to configure your Splunk server (Network > Appliances > appliancename > Splunk). Using the CLI for this configuration will create a second server, which is not permitted.


(Optional) To add your CA certificate from a command shell:

    yourvirtualappliance{}edit  
    yourvirtualappliance{running}certificates  
    yourvirtualappliance{running-certificates}ca-certificate myca  
    Please enter the PEM encoded CA certificate contents (including  
    BEGIN CERTIFICATE and END CERTIFICATE lines):  
    -----BEGIN CERTIFICATE-----  
    <certificate text>  
    -----END CERTIFICATE-----  
    yourvirtualappliance{running-certificates}commit  
    yourvirtualappliance{running-certificates}exit
    yourvirtualappliance{running}exit
    yourvirtualappliance{}save-config -y

Ensure that you enter the save-config command so that the certificate will not be lost after a reboot. If no certificate is specified, your appliance will accept any certificate. If the appliance has multiple CA certificates, validation occurs against any of them and not just the one you specify.