Is it possible to disable certificate validation when connecting a Splunk Search Collector?

guifue

Hello, we are triying to setup a Splunk Search collector, against an on-prem splunk with a self signed certificate. Is it possible to disable certificate validation?

xpac xpac

How do I add a set of trusted root CAs to the list of trusted CAs that Cribl Stream trusts?
Set this environment variable in each Worker Node's environment (e.g., in its systemd unit file): NODE_EXTRA_CA_CERTS=/path/to/file_with_certs.pem. For details, see the nodejs docs.

So you cann add your self-signed CA via this method

There's also a way to disable ALL verification but I won't post that here because I refuse to support that 😜

Stolen from  https://docs.cribl.io/stream/securing-and-monitoring/ btw

xpac xpac

How do I add a set of trusted root CAs to the list of trusted CAs that Cribl Stream trusts?
Set this environment variable in each Worker Node's environment (e.g., in its systemd unit file): NODE_EXTRA_CA_CERTS=/path/to/file_with_certs.pem. For details, see the nodejs docs.

So you cann add your self-signed CA via this method

There's also a way to disable ALL verification but I won't post that here because I refuse to support that 😜

Stolen from  https://docs.cribl.io/stream/securing-and-monitoring/ btw

guifue

Perfect! Thanks!!