We are using certificates on our Tenable Security Center and have disabled SSL validation in splunk under tenable add-on. The config we have done is as below:
disable_ssl_certificate_validation = 1
Just wanted to know if it only disables the verification of identity of the server and the encryption still occurs? or is it something more than that?
Disabling SSL Certificate validation (in almost any product) usually means, do not:
Actually, it means "Do encryption, but don't care at all about who is on the other side - if the other side supports encryption, encrypt it."
View solution in original post