I've got a vulnerability scan showing that SSLv3 is enabled on port 8090 on our Splunk 7.1.1 indexer. In my server.conf file we don't have these lines below:
[sslConfig]
sslVersions = *,-ssl2,-ssl3
cipherSuite = TLSv1.2:!eNULL:!aNULL
Is it ok to add them manually to disable SSLv3 on port 443 (TCP)?
@dunyaelbasan Hallo, how did you resolve the issue of SSLV3 vulnerability on port 443 ?
Also, did you figure out which config was causing the issue in the first place ?
Hi
you should read those links which I previously sent.
The reason for this is, that in early days ssl3 was ok protocol version to use for https. Currently it has known as vulnerable and for that reason it should replaced with tls1.2 or newer. Unfortunately tls1.2 is the newest version which is supported by Splunk.
r. Ismo
*edit
not port 8090
port 443
Hi
yes, or even better is list accepted versions.
There are also couple of other source which guided you to do it.
r. Ismo
You can add ciphersuite and sslversion manually.
whats your idea behind it?
what would you like to enable if you disable ssl3?
would you like to enable tls?
first you mentioned your Vulnerability scan found sslv3 is enabled on 8090.
again you mentioned end of your question that you would like to disable on 443?
Exactly, İ would you like to enable tls.