All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

DbConnect 2.2 to 2.4 - Unable to decrypt password

paniaguacinq
New Member
‎03-22-2017 07:04 AM

Hi,

Can anyone confirm that DB Connect uses identity.dat file for encryption instead of the splunk.secret file? I have copied the identity.dat file from a 2.2 system to the new 2.4 system (splunk_app_db_connect/certs directory) but no success.

File "/opt/splunk/etc/apps/splunk_app_db_connect/bin/dbxcrypto.py", line 42, in decrypt
raise Exception("Unable to decrypt password, please re-enter password on identity")
Exception: Unable to decrypt password, please re-enter password on identity

0 Karma
Reply

splunk_kk
Path Finder
‎06-25-2017 11:31 PM

Hi Paniagacing,

I've a similar situation where I get the same error "Unable to decrypt password, please re-enter password on identity".

This usually happens when I try to create an Identity via CLI (identities.conf file). Even after restarting Splunk service the error still persists. What I noticed is that, when I check the identities.conf file after restarting Splunk service, the password provided is still in clear text. It hasn't being hashed.

So to solve it, I retype the password via Web GUI in Identities and save it.

This is quite strange.

Did you face a similar situation?

Regards,

Reply

paniaguacinq
New Member
‎03-25-2017 04:30 AM

After some research, I found the answer in dbxcrypto.py file:

SECRET_PATH = os.path.join(utils.get_cert_dir(), 'identity.dat')
ENCRYPT_CMD = ['openssl', 'aes-256-cbc', '-e', '-base64', '-pass', 'file:' + SECRET_PATH]
DECRYPT_CMD = ['openssl', 'aes-256-cbc', '-d', '-base64', '-pass', 'file:' + SECRET_PATH]

closed!

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...