Security

How to disable SSLv3 on port 443 (TCP)?

dunyaelbasan
Path Finder

I've got a vulnerability scan showing that SSLv3 is enabled on port 8090 on our Splunk 7.1.1   indexer.  In my server.conf file we don't have these lines below: 

 

[sslConfig]
sslVersions = *,-ssl2,-ssl3
cipherSuite = TLSv1.2:!eNULL:!aNULL

 

Is it ok to add them manually to disable  SSLv3 on port 443 (TCP)?

Labels (1)
Tags (1)
0 Karma

njohnson7
Path Finder

@dunyaelbasan Hallo, how did you resolve the issue of SSLV3 vulnerability on port 443 ?

 

Also, did you figure out which config was causing the issue in the first place ?

0 Karma

isoutamo
SplunkTrust
SplunkTrust

Hi

you should read those links which I previously sent. 

The reason for this is, that in early days ssl3 was ok protocol version to use for https. Currently it has known as vulnerable and for that reason it should replaced with tls1.2 or newer. Unfortunately tls1.2 is the newest version which is supported by Splunk. 

r. Ismo

0 Karma

dunyaelbasan
Path Finder

*edit

not port 8090

port 443

isoutamo
SplunkTrust
SplunkTrust
0 Karma

thambisetty
SplunkTrust
SplunkTrust

You can add ciphersuite and sslversion manually.

whats your idea behind it? 
what would you like to enable if you disable ssl3?
would you like to enable tls?
first you mentioned your Vulnerability scan found sslv3 is enabled on 8090.

again you mentioned end of your question that you would like to disable on 443?

 

 

————————————
If this helps, give a like below.

dunyaelbasan
Path Finder

Exactly, İ would you like to enable tls.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...