topic Re: Disable SSL Communication in Security

Disable SSL Communication

cuppma — Wed, 23 Apr 2014 21:22:57 GMT

I was wondering the best way to disable SSL communications between my forwarder and Splunk instance. My certificates have expired and I want my logs to get to Splunk. I know can reissue certificates, but I determined that this is no longer necessary. So what do I need to do to just disable this?

Do I need to change a setting in outputs.conf on the forwarder?

Thanks in advance!

Re: Disable SSL Communication

MuS — Thu, 24 Apr 2014 07:24:23 GMT

Hi cuppma,

basically you do the reverse version of the docs about Configure Splunk forwarding to use the default certificate. First make sure your indexer is receiving on a non-SSL Port, next you remove the SSL settings from your UF outputs.conf to something like this:

[tcpout:group1]
server=some IP:some Port

Hope this helps to get you started ...

cheers, MuS