About the Splunk server certificate
The following instructions explain how to download and import the Splunk server's server certificate into the NetIM Manager's truststore. Convenience scripts and files are located on the Manager.
Downloading and importing a certificate
1. Log in to the NetIM server.
2. Within netimsh shell, stop all the core and Manager services by running stop all on both the Core and Manager.
3. Enter the bash shell on the Manager by typing bash.
4. Change your working directory to the truststore directory by typing cd ~/common/tenant-stack/1/truststore/.
5. Run the generate_cert.sh script:
sudo ./generate_cert.sh <server-address>:<port>
For example: sudo ./generate_cert.sh amazon.com:443
6. Import the certificate into your truststore:
For example: sudo ./import_cert.sh mycertfile.pem myaliasname
7. In the netimsh, start the NetIM services using start all on Manager. After all required swarm services have started, use start all on core to start all core services.
Certificate management files
truststore-password.txt—Contains the password to be used to manage the truststore. By default, the password is changeit.
truststore-type.txt—Contains the type of the truststore; by default it is JKS format, which is Java key store.
truststore—A binary file that, by default, contains the default root certificates available with Java installs.
Certificate generation and import commands
generate_cert.sh <server-address>:<port>—Connects to the server address and port provided and downloads the certificate in the PEM format and names the file mycertfile.pem.
import_cert.sh <certificate-file-name> <alias name>—Imports the given certificate into the truststore with the given truststore password.