What causes the Login Screen to respond with "Warning: The time on the server differs significantly from this machine..."

New Member

I see that it is a response to a Cookie check (code here:, however user is logging in from desktop with same time as search-head. Was not able to see anything in the logs either. Has anyone seen this issue before, and what does it mean?

Tags (2)
0 Karma


After verifying the time on the server and client, one solution is to refresh the webpage so that it can present you with the option to bypass/accept the SSL certificate in cases where a warning may be present.

0 Karma


I just figured out, turns out the time on the linux vm is a day off from desktop date-time, the search-head is installed on linux vm, once I set the correct date-time on linux vm, there is no warning.. hope this helps someone.

0 Karma


We also saw this with a Splunk 6.2.3 search head. It only happened once so far, and the person didn't see it again after a browser restart.

0 Karma