We have updated our Terms of Service, Code of Conduct, and Addendum.

Unable to use multiple certificates and passphrases for Splunk TCP Source

Valeriu Sarghe
Valeriu Sarghe Posts: 6

Hello,

In a Cribl Distributed Deployment, with one Worker Group, and 2 Worker Nodes in this Worker Group, with a Source Splunk TCP enabled, and TLS enabled from Leader Node, It is not possible to use a unique certificate and passphrase for each Worker Node.
It is possible, to have each Worker Node in a different Worker Group. But that means all the settings must be the same (Sources, Destination, Routes, Pipelines). That means in the end that the use of Leader Node is useless.
Is that correct?
Can we improve that? Or make an enhancement?

Thank you!
Best regards,
Vali

Answers

  • Jon Rust
    Jon Rust Posts: 458 mod
    edited July 2023

    You can specify the location of the keypair on the filesystem. Then you only need to make sure every worker has their unique key in the right location. It just means youre not using the Leader to manage this part. The pic below is from a source config TLS screen:

  • Valeriu Sarghe
    Valeriu Sarghe Posts: 6

    Hello John,

    Is this topic on the roadmap so far?

    Thanks!

  • Valeriu Sarghe
    Valeriu Sarghe Posts: 6

    Does anyone know if the implementation of using different passphrases for each certificate is on the roadmap?

  • Valeriu Sarghe
    Valeriu Sarghe Posts: 6

    Hi @Jon Rust
    Is the implementation of using different passphrases for each certificate on the roadmap?

  • Hi @Jon Rust any news here?

  • Jon Rust
    Jon Rust Posts: 458 mod

    There isn't a current plan to add support for unique certs per worker in a worker group.