Installation
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Why can't I install App via proxy?

opoplawski
Explorer
‎11-16-2022 12:39 PM

I'm trying to setup splunk on our network.  We must use a proxy to access the internet.  I've set (I've tried with and without sslVersions):

[sslConfig] 
sslRootCAPath = /etc/pki/tls/cert.pem 
sslVersions = tls1.2

[applicationsManagement] 
sslVersions = tls1.2

[proxyConfig] 
http_proxy = http://PROXY:8080 
https_proxy = http://PROXY:3128 
no_proxy = 127.0.0.0/8,::1,localhost,10.0.0.0/8,192.168.0.0/16,.nwra.com

splunkd reports:

11-16-2022 11:36:34.092 -0800 ERROR HttpClientRequest [50124 TcpChannelThread] - HTTP client error
=error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol while accessing server=http:/
/PROXY:3128 for request=https://cdn.splunkbase.splunk.com/media/private/signed_42
40_20873_1668244830.tgz?response-content-disposition=attachment%3Bfilename%3D%22infosec-app-for-sp
lunk_170.tgz%22&Expires=1668628893&Signature=Ks6QSvwm3FOjimXq42aW-xSdBeysPA1gYrQlQu0Urpf-R7XfnVyQn
F8ChIlT4blEJ38jq-1Iy9vYopkI5MvZoccqJLsbv~fe8peAxgIDHABo0kGLacXoXgiYEE5MGxMmBlBcvA54dwr4xqdmo69zxl6
FhfGxHBfi6KUAZ6zgrv0RlZNz7uQR95cmTpjPbtwlDDbw8IeUE4~NEDnNhRwAqD3mKiSHhfGYEgDF5kQMEHgkm2csRMyJ7i4qR
MscF~dUeqjvrN0P1W~NfL8vykYTHWMXqoeY1OVFliRXzfhqjwcCw8GtQgCcTWT7WOrHLfhZNJR-nJ9kf786SLqgNVQUXA__&Ke
y-Pair-Id=K3GLBBC7R7U34X.

  I can download that URL fine from the machine directly:

https_proxy=http://PROXY:3128 curl 'https://cdn.splunkb
ase.splunk.com/media/private/signed_4240_20873_1668244830.tgz?response-content-disposition=attachm
ent%3Bfilename%3D%22infosec-app-for-splunk_170.tgz%22&Expires=1668627891&Signature=aA-kU~xxaEcPSU~
A3fY4tPEY2mzdfDNN-T4I~RF3bEFfqJB8u2-K7ia8IEMP~uqxqWQhGCKr2oBRC3qQqdsa2-vwz8yzvNgIPcwI5VFEjjFBs1yZu
-0k91sOjFgbiCx3z2FetbSm2K05FOCCN2GCxrJacpjSCz9kPJdFrnsZRDgrdX9vHsC62Fn60OWt0IgRS3qoXKdHHWXct5-RFUc
iKoOFWX8Hdp4ZGXe~xx3UGhqkonqV-ZE~Nt34beC~J5SGdvTS8mZcr7bZKL9M4fefGRtHiVzdK8ffuqCe5Fsthoyyl8OHr4MJy
TptHLcwZKJhthqee80hyrlPYyGVgiEeyQ__&Key-Pair-Id=K3GLBBC7R7U34X' -o /tmp/out
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current 
                                Dload  Upload   Total   Spent    Left  Speed 
100   114  100   114    0     0    139      0 --:--:-- --:--:-- --:--:--   139

 Both the splunk server and the proxy are running EL 8.7.

Labels (3)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎11-16-2022 11:27 PM

Hi @opoplawski,

did you tried to install apps from a downloaded in your computer file?

I usually use this method because the Splunk systems I found aren't all connected to internet.

Ciao.

Giuseppe

0 Karma
Reply

opoplawski
Explorer
‎11-17-2022 08:45 AM

Thanks, that definitely works as an alternative.  But it would still be nice to be able to install directly via the console.

Tags (1)
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Announcing Modern Navigation: A New Era of Splunk User Experience

We are excited to introduce the Modern Navigation feature in the Splunk Platform, available to both cloud and ...

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

We are excited to announce that the upcoming releases of Splunk Enterprise 10.2.x and Splunk Cloud Platform ...

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

After a whole week of being on call, you fell asleep on your keyboard, and you hit a sequence of buttons that ...