Now I'm deploying a brand new cluster with the 7.2.3 version, with the same server.conf, but the load balancer doesn't recognize the instances as Healthy. In the splunkd.log, for every check from the load balancer, which is a get on https://splunkhostIP/en-US/account/login?return_to=%2Fen-US%2F, I receive these two messages when It happens.
I am encountering the same issue. After upgrading from 6.5.x -> 6.6 -> 7.3, communication between the ELB and instances behind result in time out. Though we set the ciphers on the ELB to explicitly use stronger algorithms, the ELB uses ssl3 ciphers.
When going to the search head directly, however, communication with TLSv1.2 ciphers are successful.
Not sure exactly what the issue is, but all tests allude to a bad config on the ELB.
If functionality is more important than security, you can enable all cipher suites. However, it is not recommended you keep these settings. If you come across a solution, please be sure to share it on the thread.