You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am looking for guidance around SSL certificates for talking to Splunk for an app (data input) implemented using your Java SDK. We have an app currently available in splunkbase: https://classic.splunkbase.splunk.com/app/4310/ implemented using the splunk-sdk-java.
When users of our app tries to validateInput or streamEvents, they see the error PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
Looks like this happens because the certificate presented by their local splunk instance cannot be validated by the splunk-sdk-java code as it in not present in their local trust store.
The present workaround we suggest to our customers, is to manually export this cert and import it into their local java cacerts store. This is not always practical, as the location of truststore can vary for each customer and also in case of splunk cloud, customer would need to contact splunk support to make this change as they don't have access to the actual machines.
I see there are multiple open similar issues: #209, #204, #185
Hi @jrobins04 sorry for the delay in the response. We are working on a feature to enable passing and validation of SSL certificate. Once we have the feature fully developed and merged, will publish a new SDK release with the feature. Will keep you updated for the same.
I am looking for guidance around SSL certificates for talking to Splunk for an app (data input) implemented using your Java SDK. We have an app currently available in splunkbase: https://classic.splunkbase.splunk.com/app/4310/ implemented using the splunk-sdk-java.
When users of our app tries to
validateInput
orstreamEvents
, they see the errorPKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
.Looks like this happens because the certificate presented by their local splunk instance cannot be validated by the splunk-sdk-java code as it in not present in their local trust store.
The present workaround we suggest to our customers, is to manually export this cert and import it into their local java cacerts store. This is not always practical, as the location of truststore can vary for each customer and also in case of splunk cloud, customer would need to contact splunk support to make this change as they don't have access to the actual machines.
I see there are multiple open similar issues: #209, #204, #185
Also, we do not want the
setValidateCertificates
set tofalse
-> https://docs.splunk.com/DocumentationStatic/JavaSDK/1.9.4/com/splunk/HttpService.html#validateCertificatesFor PROD environment, TRUE is strongly recommended, whereas working in localhost OR development environment, FALSE is used.
Do you have any workarounds or possible solution for this issue? Any help would be appreciated.
The text was updated successfully, but these errors were encountered: