Solved: Re: How to resolve Java Bridge server not running ...

hjaramillo · ‎07-31-2017

jbridge.log

2017-07-31 10:54:04,757 INFO Checking for obsolete java libraries in /opt/splunk/etc/apps/dbx/bin/lib
2017-07-31 10:54:04,765 INFO Started JavaBridgeServer PID=12366
2017-07-31 10:54:05,606 ERROR Java process returned error code 1! Error: Initializing Splunk context... Environment: SplunkEnvironment{SPLUNK_HOME=/opt/splunk,SPLUNK_DB=/opt/splunk/var/lib/splunk} Configuring Log4j... Exception in thread "main" com.splunk.config.SplunkConfigurationException: IO Error while reading configuration from Splunkd: javax.net.ssl.SSLException: Received fatal alert: protocol_version  at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:199)     at com.splunk.config.rest.RESTAdapter.readConfig(RESTAdapter.java:207)  at com.splunk.config.cache.CachedConfigurationAdapter.readConfig(CachedConfigurationAdapter.java:32)    at com.splunk.config.cache.CachedConfigurationAdapter.readStanza(CachedConfigurationAdapter.java:40)    at com.splunk.env.SplunkContext.getConfigStanza(SplunkContext.java:313)     at com.splunk.env.SplunkContext.initialize(SplunkContext.java:128)  at com.splunk.bridge.JavaBridgeServer.main(JavaBridgeServer.java:34) Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version  at sun.security.ssl.Alerts.getSSLException(Unknown Source)  at sun.security.ssl.Alerts.getSSLException(Unknown Source)  at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)     at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)   at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)    at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)  at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)    at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)    at com.splunk.rest.Splunkd.request(Splunkd.java:216)    at com.splunk.rest.Splunkd.request(Splunkd.java:102)    at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:197)     ... 6 more 
2017-07-31 10:54:05,606 ERROR Command output: None

Java Version: jre1.8.0_25

mvarga2 · ‎08-03-2017

For our environment, adding this to our [sslConfig] in server.conf and restarting Splunk resolved the issue:

sslVersionsForClient = tls,-tls1.0
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH

View solution in original post

mvarga2 · ‎08-03-2017

For our environment, adding this to our [sslConfig] in server.conf and restarting Splunk resolved the issue:

sslVersionsForClient = tls,-tls1.0
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH

hjaramillo · ‎08-03-2017

I did not function

Jbridge.log
2017-08-03 13:25:51,706 INFO Checking for obsolete java libraries in /opt/splunk/etc/apps/dbx/bin/lib
2017-08-03 13:25:51,714 INFO Started JavaBridgeServer PID=29547
2017-08-03 13:25:52,641 ERROR Java process returned error code 1! Error: Initializing Splunk context... Environment: SplunkEnvironment{SPLUNK_HOME=/opt/splunk,SPLUNK_DB=/opt/splunk/var/lib/splunk} Configuring Log4j... Exception in thread "main" com.splunk.config.SplunkConfigurationException: IO Error while reading configuration from Splunkd: javax.net.ssl.SSLException: Received fatal alert: protocol_version at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:199) at com.splunk.config.rest.RESTAdapter.readConfig(RESTAdapter.java:207) at com.splunk.config.cache.CachedConfigurationAdapter.readConfig(CachedConfigurationAdapter.java:32) at com.splunk.config.cache.CachedConfigurationAdapter.readStanza(CachedConfigurationAdapter.java:40) at com.splunk.env.SplunkContext.getConfigStanza(SplunkContext.java:313) at com.splunk.env.SplunkContext.initialize(SplunkContext.java:128) at com.splunk.bridge.JavaBridgeServer.main(JavaBridgeServer.java:34) Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source) at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source) at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source) at com.splunk.rest.Splunkd.request(Splunkd.java:216) at com.splunk.rest.Splunkd.request(Splunkd.java:102) at com.splunk.config.rest.RESTAdapter.request(RESTAdapter.java:197) ... 6 more
2017-08-03 13:25:52,641 ERROR Command output: None

sslConfig in server.conf :

sslVersionsForClient = tls, -tls1.0, tls1.2
cipherSuite = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES128-SHA256-TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH

mvarga2 · ‎08-04-2017

Here is my entire [sslConfig] Does yours contain the two sslKeysfilePassword and sslPassword?

sslKeysfilePassword = YourPassword
sslPassword = YourPassword
sslVersionsForClient = tls,-tls1.0
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH

davebrooking · ‎08-04-2017

What version of DB Connect are you trying to run?

Dave

mvarga2 · ‎08-04-2017

It works fine for me after I added the two lines stated above. I am running v1.1.7

How to resolve Java Bridge server not running after upgrade to Splunk 6.6.2?