SSL Certificates in truststores about splunk-sdk-java HOT 3 OPEN

Hi @jkozlowski , we are looking at couple of approaches for SSL security through SDK using self signed or Splunk generated SSL certificates. We would like to hear from you as well, if you have any suggestions for the same.

from splunk-sdk-java.

Hey @ashah-splunk, thanks for coming back to me.

The way I would solve this is how I already outlined it: your splunk server is responsible for deploying applications and is therefore a trusted piece of infrastructure. It should provide a path to a truststore file with a certificate that should be trusted when talking back to it, same way you provide the session key and host information.

Technically this information is already I’m the splunk config, I was looking through the APIs you provide for reading config, but I think it’s per app? My preference is still for the server to provide all this config to the app, but whatever you come up with here is obviously not going to be backwards compatible, is there a way right now for me to read the splunk config somehow? Other than assuming I’m running on the same host and trying to find it on local disk?

I think this is a pretty important problem to solve for a security product, so would appreciate some guidance and a way forward.

from splunk-sdk-java.

Another question: the value of server_uri passed to a modular input from my observation (from deploying a splunk docker container locally) is always something like https://127.0.0.1:<port>; whereas server_host contains the actual hostname, that I presume the certificate presented by splunkd will be signed for. I think that means I should splice the hostname into the uri to make sure that certificate checking works?

from splunk-sdk-java.