All Apps and Add-ons

DbConnect 2.2 to 2.4 - Unable to decrypt password

New Member


Can anyone confirm that DB Connect uses identity.dat file for encryption instead of the splunk.secret file? I have copied the identity.dat file from a 2.2 system to the new 2.4 system (splunk_app_db_connect/certs directory) but no success.

File "/opt/splunk/etc/apps/splunk_app_db_connect/bin/", line 42, in decrypt
raise Exception("Unable to decrypt password, please re-enter password on identity")
Exception: Unable to decrypt password, please re-enter password on identity

0 Karma

Path Finder

Hi Paniagacing,

I've a similar situation where I get the same error "Unable to decrypt password, please re-enter password on identity".

This usually happens when I try to create an Identity via CLI (identities.conf file). Even after restarting Splunk service the error still persists. What I noticed is that, when I check the identities.conf file after restarting Splunk service, the password provided is still in clear text. It hasn't being hashed.

So to solve it, I retype the password via Web GUI in Identities and save it.

This is quite strange.

Did you face a similar situation?


New Member

After some research, I found the answer in file:

SECRET_PATH = os.path.join(utils.get_cert_dir(), 'identity.dat')
ENCRYPT_CMD = ['openssl', 'aes-256-cbc', '-e', '-base64', '-pass', 'file:' + SECRET_PATH]
DECRYPT_CMD = ['openssl', 'aes-256-cbc', '-d', '-base64', '-pass', 'file:' + SECRET_PATH]


0 Karma
Get Updates on the Splunk Community!

Index This | Why do they call it hyper text?

November 2023 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

State of Splunk Careers 2023: Career Resilience and the Continued Value of Splunk

For the past three years, Splunk has partnered with Enterprise Strategy Group to conduct a survey that gauges ...

The Great Resilience Quest: 9th Leaderboard Update

The ninth leaderboard update (11.9-11.22) for The Great Resilience Quest is out >> Kudos to all the ...