Why is this unknown protocol found in indexer from Windows Universal Forwarder: SSL23_GET_CLIENT_HELLO?


I install UF 8.2.4 for Windows and using default pem and CA certificate, I tried to connect UF to the indexer. However, the eventlog information cannot be sent to indexer with the error 

ERROR TcpInputProc - Error encountered for connection from error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

I search thru the /opt/splunk/var/log/splunk/splunkd.log and not much information can be found. How can I get more detail info to troubleshoot the problem ?


Labels (3)
Tags (1)
0 Karma
Get Updates on the Splunk Community!

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Attention everyone! We have exciting news to share! We are recruiting new members for the Mission Possible: ...

Unify Your SecOps with Splunk Mission Control

In today’s post, I'm excited to share some recent Splunk Mission Control innovations. With Splunk Mission ...

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...