- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Insight on my problem below is appreciated!
I am using DB Connect to attempt to connect to a MSSQL database. When I Save/Edit the connection I get the following error from Splunkweb:
The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Certificates do not conform to algorithm constraints". ClientConnectionId:XXXXXXXXXXXXXXXXXX
And the following (combination) error from splunk_app_db_connect_server.log and splunk_app_db_connect_audit_server.log:
com.microsoft.sqlserver.jdbc.SQLServerException: The driver could not establish a secure connection to SQL Server by using Secure Sockets Layer (SSL) encryption. Error: "Certificates do not conform to algorithm constraints". ClientConnectionId:XXXXXXXXXXXXXXXXXX
...........................
Caused by: java.security.cert.CertPathValidatorException: Algorithm constraints check failed on signature algorithm: SHA1withRSA
at java.base/sun.security.provider.certpath.AlgorithmChecker.check(AlgorithmChecker.java:237)
at java.base/sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(SSLContextImpl.java:1661)
... 99 common frames omitted
Collapse
I have tried the following to resolve the problem with no luck:
- Added the following to the DB Connect Task Server JVM Options:
-Djdk.tls.client.protocols="TLSv1,TLSv1.1,TLSv1.2" - Added the following parameters to the JDBC url:
encrypt=true;trustServerCertificate=true; - I have also installed and attempted to run the DB Connect troubleshooting tool (ran using the following command: python3 -m troubleshooting_tools.start)
|----|----|----|----|----|
| DB Connect |
| Troubleshooting Tools |
|----|----|----|----|----|
Which tool do you want to use?
1. Troubleshoot Starts
2. Services Status
3. Troubleshoot Connections
4. Troubleshoot Inputs
: 3
Troubleshoot Connections
Splunk URL: localhost
Splunk management port: 8089
Splunk username (Default value is <admin>): admin
admin
Splunk password:
********
Connection name: MY_CONNECTION
Connector path: %PATH_TO_CONNECTOR_JAR%
JDBC path: %PATH_TO_JDBC_DRIVER_JAR%
Which leads to the following output
An error occurred while trying to get the connection with the name : MY_CONNECTION. Error message: Data must be padded to 16 byte boundary in CBC mode
In addition, here is some information regarding my environment:
- OS Oracle Linux 9
- Splunk Enterprise Splunk 9.1.0.2
- Splunk DB Connect 3.14.1
- Splunk DBX Add-on for Microsoft SQL Server JDBC 1.2.0
- Manually installed additional Microsoft JDBC Driver 12.4 for SQL Server driver mssql-jdbc-12.4.1.jre11.jar
- ***The above errors are occurring for both Connection Types.
- JAVA openjdk 11.0.20
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here are my findings from a case I opened on this issue a while back. This fixed it for me.
Splunk verifies the TLS certificates using SHA-1 cryptography. The default policy on the Linux server needed to be updated to SHA-1.
update-crypto-policies --set DEFAULT:SHA1- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I have the same problem. Anyone can help?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here are my findings from a case I opened on this issue a while back. This fixed it for me.
Splunk verifies the TLS certificates using SHA-1 cryptography. The default policy on the Linux server needed to be updated to SHA-1.
update-crypto-policies --set DEFAULT:SHA1- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for posting your solution. This was our problem after migration to RHEL9 and your solution fixed it.
