If you're sending data to a Splunk Enterprise indexer that uses mTLS, then you need to have TLS certificates that the Edge Processor can use to prove its identity to the indexer.

Obtain the following certificates, contained in separate Privacy Enhanced Mail (PEM) files:

• A client certificate.
• The private key associated with that client certificate. This private key must be decrypted.
• The CA certificates used to verify the indexer.

If you don't have these PEM files, ask your Splunk Enterprise administrator for assistance. See the Secure Splunk platform communications with Transport Layer Security certificates chapter of the Securing Splunk Enterprise manual for more information.