Collector pods can't forward logs to splunk due to self-signed certificate in RHOCP 4

Solution Verified - Updated -

Issue

  • Collector pods can't send logs to external Splunk when using secured communication.

  • Collector pods stream below logs:

    212023-03-27T19:36:21.892890Z ERROR vector::topology::builder: msg="Healthcheck: Failed Reason." error=Failed to make HTTP(S) request: error trying to connect: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1915:: self signed certificate in certificate chain component_kind="sink" component_type="splunk_hec" component_id=splunk_receiver component_name=splunk_receiver

222023-03-27T19:36:22.917402Z ERROR sink{component_kind="sink" component_id=splunk_receiver component_type=splunk_hec component_name=splunk_receiver}:request{request_id=0}:http: vector::internal_events::http_client: HTTP error. error=error trying to connect: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:ssl/statem/statem_clnt.c:1915:: self signed certificate in certificate chain error_type="request_failed" stage="processing"

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4.10+
  • Red Hat OpenShift Logging (RHOL)
    • 5.6+

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content