All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

SA-ldapsearch error SSL configuration issue: sslVersions=""['tls1.2']"" is an invalid combination

jgoddard
Path Finder
‎09-11-2015 03:20 PM

This is the only error that I get, no further information, and so far i haven't been able to run the python from the cli to see if I can get any more information. I have pinned splunkweb to TLS1.2 for quite a while, have had no other issues. My ldap authentication for splunkweb is functioning fine. I don't see this error on answers, and I am confused.

I had suspected that this was a Cert issue, but after doing a lot of checking, I believe it is an issue with the SA-ldapsearch configs.

It appears that even though server.conf understands "tls1.2" as an sslVersion= value for the sslConfig stanza, SA-ldapsearch does NOT. I changed, in $SPLUNK_HOME/etc/apps/SA-ldapsearch/local/ssl.conf to have:
[sslConfig]
sslVersions=tls

and everthing is working. I would like to request an enhancement to SA-ldapsearch such that it understands the sslVersion string of tls1.2

Reply

jamesarmitage
Path Finder
‎11-30-2015 02:39 PM

If you edit SA-ldapsearch/bin/packages/app/configuration.py you can fix the error:

Lines 291-292:

 291         elif not protocol_set.symmetric_difference(('tls1.0',)):
 292             version = ssl.PROTOCOL_TLSv1

append the following (do not include the line numbers):

 293         elif not protocol_set.symmetric_difference(('tls1.2',)):
 294             version = ssl.PROTOCOL_TLSv1

For completeness you might want to add a test for tls1.1, this doesn't apply in my case.

Reply

jamesarmitage
Path Finder
‎09-17-2015 10:31 AM

If you edit SA-ldapsearch/bin/packages/app/configuration.py you can fix the error:

Lines 291-292:

291         elif not protocol_set.symmetric_difference(('tls1.0',)):
292             version = ssl.PROTOCOL_TLSv1

append the following (do not include the line numbers):

293         elif not protocol_set.symmetric_difference(('tls1.2',)):
294             version = ssl.PROTOCOL_TLSv1

For completeness you might want to add a test for tls1.1, this doesn't apply in my case.

Reply

jgoddard
Path Finder
‎09-17-2015 10:37 AM

Thanks a lot for that tip, James. I will deploy and verify that gets rid of the error I was having.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

🔐 Trust at Every Hop: How mTLS in Splunk Enterprise 10.0 Makes Security Simpler

From Idea to Implementation: Why Splunk Built mTLS into Splunk Enterprise 10.0  mTLS wasn’t just a checkbox ...