All Apps and Add-ons

DbConnect 2.2 to 2.4 - Unable to decrypt password

paniaguacinq
New Member

Hi,

Can anyone confirm that DB Connect uses identity.dat file for encryption instead of the splunk.secret file? I have copied the identity.dat file from a 2.2 system to the new 2.4 system (splunk_app_db_connect/certs directory) but no success.

File "/opt/splunk/etc/apps/splunk_app_db_connect/bin/dbxcrypto.py", line 42, in decrypt
raise Exception("Unable to decrypt password, please re-enter password on identity")
Exception: Unable to decrypt password, please re-enter password on identity

0 Karma

splunk_kk
Path Finder

Hi Paniagacing,

I've a similar situation where I get the same error "Unable to decrypt password, please re-enter password on identity".

This usually happens when I try to create an Identity via CLI (identities.conf file). Even after restarting Splunk service the error still persists. What I noticed is that, when I check the identities.conf file after restarting Splunk service, the password provided is still in clear text. It hasn't being hashed.

So to solve it, I retype the password via Web GUI in Identities and save it.

This is quite strange.

Did you face a similar situation?

Regards,

paniaguacinq
New Member

After some research, I found the answer in dbxcrypto.py file:

SECRET_PATH = os.path.join(utils.get_cert_dir(), 'identity.dat')
ENCRYPT_CMD = ['openssl', 'aes-256-cbc', '-e', '-base64', '-pass', 'file:' + SECRET_PATH]
DECRYPT_CMD = ['openssl', 'aes-256-cbc', '-d', '-base64', '-pass', 'file:' + SECRET_PATH]

closed!

0 Karma
Get Updates on the Splunk Community!

Unlock New Opportunities with Splunk Education: Explore Our Latest Courses!

At Splunk Education, we’re dedicated to providing top-tier learning experiences that cater to every skill ...

Technical Workshop Series: Splunk Data Management and SPL2 | Register here!

Hey, Splunk Community! Ready to take your data management skills to the next level? Join us for a 3-part ...

Spotting Financial Fraud in the Haystack: A Guide to Behavioral Analytics with Splunk

In today's digital financial ecosystem, security teams face an unprecedented challenge. The sheer volume of ...