All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Disable SSL validation Tenable add-on

splunk_kk
Path Finder
‎05-15-2018 10:57 PM

Hi Team,

We are using certificates on our Tenable Security Center and have disabled SSL validation in splunk under tenable add-on. The config we have done is as below:

[tenable_sc_settings]
disable_ssl_certificate_validation = 1

Just wanted to know if it only disables the verification of identity of the server and the encryption still occurs? or is it something more than that?

Thanks!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

xpac
SplunkTrust
SplunkTrust
‎05-16-2018 04:01 AM

Disabling SSL Certificate validation (in almost any product) usually means, do not:

  • Check if hostname and certificate SAN match
  • Check if the CA that issued the certificate is trusted
  • Check if the certificate has expired or has been revoked

Actually, it means "Do encryption, but don't care at all about who is on the other side - if the other side supports encryption, encrypt it."

View solution in original post

Reply
Solved! Jump to solution
Solution

xpac
SplunkTrust
SplunkTrust
‎05-16-2018 04:01 AM

Disabling SSL Certificate validation (in almost any product) usually means, do not:

  • Check if hostname and certificate SAN match
  • Check if the CA that issued the certificate is trusted
  • Check if the certificate has expired or has been revoked

Actually, it means "Do encryption, but don't care at all about who is on the other side - if the other side supports encryption, encrypt it."

Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...