Getting Data In

Can a Splunk indexer accept ssl and non-ssl connections on the same port?


I only need to have some of my forwarder's use SSL. Can I use the same port on my splunk server for ssl and non-ssl forwarder connections?

Tags (3)


SSL is by its very nature an endpoint to endpoint protocol. The encrypted connection is established before any identifying traffic passes in either direction (other than the certificate exchange). You can never share encrypted and unencrypted traffic on the same server port.


By the same token, Apache Webserver cannot accept ssl and non-ssl traffic on the same port. This is why we use port 80 for non-ssl and port 443 for ssl.


No, the splunktcp ssl port will only accept ssl connections. You'll need another splunktcp port to accept non-ssl forwarder connections.