https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25913#M854 <P>We cannot be specific about forthcoming release milestones, but suffice it to say that we understand the need to specify cipher suites in web.conf.</P> Thu, 08 Sep 2011 15:57:04 GMT araitz 2011-09-08T15:57:04Z https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25910#M851 <P>Hello,</P> <P>We are running Splunk 4.1.4 and I have enabled sslv3 and that works fine, however I am unable to specify (and make work) strong ciphers. </P> <P>We need to specifically disable DES-CBC-SHA</P> <P>When running btool debug I see the ciphers being specified but I still can connect to the web interface.</P> <PRE><CODE>system [SSL] system cipherSuite = HIGH:MEDIUM system [default] voxeoui [settings] system SSOMode = permissive </CODE></PRE> <P>HELP!</P> Thu, 13 Jan 2011 14:45:43 GMT https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25910#M851 voxeoandree 2011-01-13T14:45:43Z https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25911#M852 <P>The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).</P> <P><STRONG>UPDATE:</STRONG> although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see <A href="http://blogs.splunk.com/2012/01/10/splunk4-3-shiny-new-security-features/">this link</A> for more information.</P><P></P> Fri, 14 Jan 2011 05:01:48 GMT https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25911#M852 araitz 2011-01-14T05:01:48Z https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25912#M853 <P>It looks like the most recent version of CherryPy (3.2: <A href="http://www.cherrypy.org/wiki/WhatsNewIn32#SSL">http://www.cherrypy.org/wiki/WhatsNewIn32#SSL</A>) allows the use of the Python ssl module, which I believe would allow for the selection of cipher suites. Any word on when this support will be available in Splunk?</P> Thu, 08 Sep 2011 00:40:50 GMT https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25912#M853 dshpritz 2011-09-08T00:40:50Z https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25913#M854 <P>We cannot be specific about forthcoming release milestones, but suffice it to say that we understand the need to specify cipher suites in web.conf.</P> Thu, 08 Sep 2011 15:57:04 GMT https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25913#M854 araitz 2011-09-08T15:57:04Z https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25914#M855 <P>Looks like this is addressed by Splunk 4.3:<BR /> <A href="http://blogs.splunk.com/2012/01/10/splunk4-3-shiny-new-security-features/">http://blogs.splunk.com/2012/01/10/splunk4-3-shiny-new-security-features/</A></P> Tue, 10 Jan 2012 17:54:00 GMT https://community.splunk.com/t5/Security/Issues-using-the-ciphersuite-in-the-server-conf/m-p/25914#M855 dshpritz 2012-01-10T17:54:00Z