Insight on my problem below is appreciated!
I am using DB Connect to attempt to connect to a MSSQL database. When I Save/Edit the connection I get the following error from Splunkweb:
The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Certificates do not conform to algorithm constraints". ClientConnectionId:XXXXXXXXXXXXXXXXXX
And the following (combination) error from splunk_app_db_connect_server.log and splunk_app_db_connect_audit_server.log:
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Certificates do not conform to algorithm constraints". ClientConnectionId:XXXXXXXXXXXXXXXXXX
...........................
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on signature algorithm: SHA1withRSA
at java.base/sun.security.provider.certpath.AlgorithmChecker.check(AlgorithmChecker.java:237)
at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:1661)
... 99 common frames omitted
Collapse
I have tried the following to resolve the problem with no luck:
|----|----|----|----|----|
| DB Connect |
| Troubleshooting Tools |
|----|----|----|----|----|
Which tool do you want to use?
1. Troubleshoot Starts
2. Services Status
3. Troubleshoot Connections
4. Troubleshoot Inputs
: 3
Troubleshoot Connections
Splunk URL: localhost
Splunk management port: 8089
Splunk username (Default value is <admin>): admin
admin
Splunk password:
********
Connection name: MY_CONNECTION
Connector path: %PATH_TO_CONNECTOR_JAR%
JDBC path: %PATH_TO_JDBC_DRIVER_JAR%
Which leads to the following output
An error occurred while trying to get the connection with the name : MY_CONNECTION. Error message: Data must be padded to 16 byte boundary in CBC mode
In addition, here is some information regarding my environment:
Here are my findings from a case I opened on this issue a while back. This fixed it for me.
Splunk verifies the TLS certificates using SHA-1 cryptography. The default policy on the Linux server needed to be updated to SHA-1.
update-crypto-policies --set DEFAULT:SHA1
Hello,
I have the same problem. Anyone can help?
Here are my findings from a case I opened on this issue a while back. This fixed it for me.
Splunk verifies the TLS certificates using SHA-1 cryptography. The default policy on the Linux server needed to be updated to SHA-1.
update-crypto-policies --set DEFAULT:SHA1
Thank you for posting your solution. This was our problem after migration to RHEL9 and your solution fixed it.