Can someone assist in explaining the difference between setting the Cribl General TLS settings versus the distributed TLS settings and what server certificates need to be applied? Where do we need to put the server.pem certs versus the web certs? Currently I am using mutual authentication and each host has their own self-signed certificates.
Depending on what you want to secure with TLS you will set it up in a different spot.
The General TLS settings set up TLS for the Browser to Leader communications.
The distributed TLS settings are for Worker to Leader communications.
Here is an excellent doc on securing stream. Securing Cribl Stream | Cribl Docs
I use this to determine where to put the Certificates. You can see if you are doing Worker to Leader communications the Worker is the Client and the Leader is the Server. So you will need to put the according certs on each one.
Here is an excellent blog on securing Worker to Leader communications with mTLS. This should also help you determine what certs need to go where. https://cribl.io/blog/how-to-secure-logstream-worker-to-leader-communications/
Thank you for he information