Cisco Cisco Content Delivery Engine 110 Guide De Montage
July 2016
Problem Statement
Splunk forwarder in VDS-IS uses HTTPS certificate for intercommunication between its modules. This
certificate is getting expired on July 21
certificate is getting expired on July 21
st
2016. Post this date on expiry of the certificate, the Splunk will
not be able to communicate internally and all the Splunk communication will be affected.
HTTPS certificate validity should be extended for seamless operation between VDS-IS and VDS-SM.
All the VDS-IS software versions 3.3.x, 4.1.x, 4.2.x, and 4.3.1 will be affected.
Cisco Recommendation and Instruction
VDS-IS customers who are using Splunk on the VDS-IS software version 3.3.x, 4.1.x, 4.2.x and 4.3.1 need
to install the patch immediately for seamless operation.
to install the patch immediately for seamless operation.
The patch must be installed in both the Service Engines and Service Routers.
To extend the Splunk HTTPS certificate validity, download VDS-IS Splunk Patch from
VDS-SW Version
VDS-IS Splunk Patch required?
4.3.2 b11
No
4.3.1 b14
Yes
4.2.1 b8
Yes
4.1.2 b2
Yes
4.1.1 b19
Yes
4.0.0 b160
Yes
3.3.1 b101
Yes
3.2.1 b15
Yes
Customers installing or upgrading to VDS-IS Release 4.3.2, need not apply the patch as this is taken care
in the VDS-IS software version 4.3.2.
in the VDS-IS software version 4.3.2.
Instruction on Patch Update
The VDS-IS Splunk patch (File Name: splunk_cert_patch.sh.signed)
can be downloaded from Release
To install the patch, perform the following procedure.
Note: Splunk configurations must be enabled in the Service Engine and Service Router before applying
the patch.
the patch.
1. Download the script to VDS-IS Service Engine & Service Router.
2. Validate the script – splunk_cert_patch.sh.signed using “script check <file name> “
3. Execute the script – splunk_cert_patch.sh.signed using “script execute <file name>”
2. Validate the script – splunk_cert_patch.sh.signed using “script check <file name> “
3. Execute the script – splunk_cert_patch.sh.signed using “script execute <file name>”
UCS280-QA-02#script check splunk_cert_patch.sh.signed
Script file splunk_cert_patch.sh.signed is valid.
UCS280-QA-02#script execute splunk_cert_patch.sh.signed
Script file splunk_cert_patch.sh.signed is valid.
UCS280-QA-02#script execute splunk_cert_patch.sh.signed