Splunk Dev
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
- Find Answers
- :
- Apps & Add-ons
- :
- Splunk Development
- :
- Splunk Dev
- :
- Re: How to resolve Java Bridge server not running ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hjaramillo
New Member
07-31-2017
09:02 AM
jbridge.log
2017-07-31 10:54:04,757 INFO Checking for obsolete java libraries in /opt/splunk/etc/apps/dbx/bin/lib
2017-07-31 10:54:04,765 INFO Started JavaBridgeServer PID=12366
2017-07-31 10:54:05,606 ERROR Java process returned error code 1! Error: Initializing Splunk context... Environment: SplunkEnvironment{SPLUNK_HOME=/opt/splunk,SPLUNK_DB=/opt/splunk/var/lib/splunk} Configuring Log4j... Exception in thread "main" com.splunk.config.SplunkConfigurationException: IO Error while reading configuration from Splunkd: javax.net.ssl.SSLException: Received fatal alert: protocol_version at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:199) at com.splunk.config.rest.RESTAdapter.readConfig(RESTAdapter.java:207) at com.splunk.config.cache.CachedConfigurationAdapter.readConfig(CachedConfigurationAdapter.java:32) at com.splunk.config.cache.CachedConfigurationAdapter.readStanza(CachedConfigurationAdapter.java:40) at com.splunk.env.SplunkContext.getConfigStanza(SplunkContext.java:313) at com.splunk.env.SplunkContext.initialize(SplunkContext.java:128) at com.splunk.bridge.JavaBridgeServer.main(JavaBridgeServer.java:34) Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) at com.splunk.rest.Splunkd.request(Splunkd.java:216) at com.splunk.rest.Splunkd.request(Splunkd.java:102) at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:197) ... 6 more
2017-07-31 10:54:05,606 ERROR Command output: None
Java Version: jre1.8.0_25
1 Solution
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mvarga2
Explorer
08-03-2017
08:00 AM
For our environment, adding this to our [sslConfig] in server.conf and restarting Splunk resolved the issue:
sslVersionsForClient = tls,-tls1.0
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mvarga2
Explorer
08-03-2017
08:00 AM
For our environment, adding this to our [sslConfig] in server.conf and restarting Splunk resolved the issue:
sslVersionsForClient = tls,-tls1.0
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hjaramillo
New Member
08-03-2017
11:32 AM
I did not function
Jbridge.log
2017-08-03 13:25:51,706 INFO Checking for obsolete java libraries in /opt/splunk/etc/apps/dbx/bin/lib
2017-08-03 13:25:51,714 INFO Started JavaBridgeServer PID=29547
2017-08-03 13:25:52,641 ERROR Java process returned error code 1! Error: Initializing Splunk context... Environment: SplunkEnvironment{SPLUNK_HOME=/opt/splunk,SPLUNK_DB=/opt/splunk/var/lib/splunk} Configuring Log4j... Exception in thread "main" com.splunk.config.SplunkConfigurationException: IO Error while reading configuration from Splunkd: javax.net.ssl.SSLException: Received fatal alert: protocol_version at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:199) at com.splunk.config.rest.RESTAdapter.readConfig(RESTAdapter.java:207) at com.splunk.config.cache.CachedConfigurationAdapter.readConfig(CachedConfigurationAdapter.java:32) at com.splunk.config.cache.CachedConfigurationAdapter.readStanza(CachedConfigurationAdapter.java:40) at com.splunk.env.SplunkContext.getConfigStanza(SplunkContext.java:313) at com.splunk.env.SplunkContext.initialize(SplunkContext.java:128) at com.splunk.bridge.JavaBridgeServer.main(JavaBridgeServer.java:34) Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) at com.splunk.rest.Splunkd.request(Splunkd.java:216) at com.splunk.rest.Splunkd.request(Splunkd.java:102) at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:197) ... 6 more
2017-08-03 13:25:52,641 ERROR Command output: None
sslConfig in server.conf :
sslVersionsForClient = tls, -tls1.0, tls1.2
cipherSuite = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES128-SHA256-TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mvarga2
Explorer
08-04-2017
04:39 AM
Here is my entire [sslConfig] Does yours contain the two sslKeysfilePassword and sslPassword?
sslKeysfilePassword = YourPassword
sslPassword = YourPassword
sslVersionsForClient = tls,-tls1.0
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
davebrooking
Contributor
08-04-2017
08:58 AM
What version of DB Connect are you trying to run?
Dave
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
mvarga2
Explorer
08-04-2017
11:26 AM
It works fine for me after I added the two lines stated above. I am running v1.1.7
Get Updates on the Splunk Community!
Security Professional: Sharpen Your Defenses with These .conf25 Sessions
Sooooooooooo, guess what.
.conf25 is almost here, and if you're on the Security Learning Path, this is your ...
First Steps with Splunk SOAR
Our first step was to gather a list of the playbooks we wanted and to sort them by priority. Once this list ...
How To Build a Self-Service Observability Practice with Splunk Observability Cloud
If you’ve read our previous post on self-service observability, you already know what it is and why it ...
