Solved: Disable SSL validation Tenable add-on

splunk_kk · ‎05-15-2018

Hi Team,

We are using certificates on our Tenable Security Center and have disabled SSL validation in splunk under tenable add-on. The config we have done is as below:

[tenable_sc_settings]
disable_ssl_certificate_validation = 1

Just wanted to know if it only disables the verification of identity of the server and the encryption still occurs? or is it something more than that?

Thanks!

xpac · ‎05-16-2018

Disabling SSL Certificate validation (in almost any product) usually means, do not:

Check if hostname and certificate SAN match
Check if the CA that issued the certificate is trusted
Check if the certificate has expired or has been revoked

Actually, it means "Do encryption, but don't care at all about who is on the other side - if the other side supports encryption, encrypt it."

View solution in original post

xpac · ‎05-16-2018

Disabling SSL Certificate validation (in almost any product) usually means, do not:

Check if hostname and certificate SAN match
Check if the CA that issued the certificate is trusted
Check if the certificate has expired or has been revoked

Actually, it means "Do encryption, but don't care at all about who is on the other side - if the other side supports encryption, encrypt it."

Disable SSL validation Tenable add-on

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+

Join the Conversation

Disable SSL validation Tenable add-on

AI for AppInspect

App Platform's 2025 Year in Review: A Year of Innovation, Growth, and Community

Operationalizing Entity Risk Score with Enterprise Security 8.3+