Configure Firewall Certificates

In this step, you can specify the device certificate to be used for sending events securely to Splunk. This step is optional. It is applicable only if you use the TLS protocol to send events to Splunk.

Before you begin

You can configure the certificates when you have set TLS protocol while configuring the Splunk server. Add certificate object for these clients:

For Firewall Management Center, use internal certificate objects for authentication.
For Firewall Threat Defense, use a certificate enrollment object. First, create the object at Objects > Object Management > PKI > Certificate Enrollment. Then, enroll the certificate on a device at Devices > Certificates.

Procedure

Step 1	From the Firewall Management Center client certificate drop-down list, choose the certificate. To create an internal certificate, click Create.
Step 2	In the Firewall Threat Defense certificates box, use the search box to choose the device whose certificate you want to assign.
Step 3	From the Certificates drop-down list, choose the certificate. Only successfully enrolled device certificates are listed. To enroll a new device certificate, click Create.
Step 4	(Optional) To cancel the creation of the Splunk profile, click Cancel.
Step 5	(Optional) To go back to the previous step, click Back.
Step 6	To move to the next step in the Splunk configuration, click Next.