Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to disable SSLv3 on port 443 (TCP)?

dunyaelbasan
Path Finder
‎09-04-2020 12:48 AM

I've got a vulnerability scan showing that SSLv3 is enabled on port 8090 on our Splunk 7.1.1   indexer.  In my server.conf file we don't have these lines below: 

 

[sslConfig]
sslVersions = *,-ssl2,-ssl3
cipherSuite = TLSv1.2:!eNULL:!aNULL

 

Is it ok to add them manually to disable  SSLv3 on port 443 (TCP)?

Labels (1)
Labels
Tags (1)
0 Karma
Reply

njohnson7
Path Finder
‎03-10-2022 05:55 AM

@dunyaelbasan Hallo, how did you resolve the issue of SSLV3 vulnerability on port 443 ?

 

Also, did you figure out which config was causing the issue in the first place ?

0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎03-16-2022 12:13 AM

Hi

you should read those links which I previously sent. 

The reason for this is, that in early days ssl3 was ok protocol version to use for https. Currently it has known as vulnerable and for that reason it should replaced with tls1.2 or newer. Unfortunately tls1.2 is the newest version which is supported by Splunk. 

r. Ismo

0 Karma
Reply

dunyaelbasan
Path Finder
‎09-04-2020 12:58 AM

*edit

not port 8090

port 443

Reply

isoutamo
SplunkTrust
SplunkTrust
‎09-04-2020 12:56 AM

Hi


yes, or even better is list accepted versions.

There are also couple of other source which guided you to do it.

r. Ismo

0 Karma
Reply

thambisetty
SplunkTrust
SplunkTrust
‎09-04-2020 12:56 AM

You can add ciphersuite and sslversion manually.

whats your idea behind it? 
what would you like to enable if you disable ssl3?
would you like to enable tls?
first you mentioned your Vulnerability scan found sslv3 is enabled on 8090.

again you mentioned end of your question that you would like to disable on 443?

 

 

————————————
If this helps, give a like below.
Reply

dunyaelbasan
Path Finder
‎09-04-2020 12:58 AM

Exactly, İ would you like to enable tls.

0 Karma
Reply
Get Updates on the Splunk Community!

Enter the Agentic Era with Splunk AI Assistant for SPL 1.4

  🚀 Your data just got a serious AI upgrade — are you ready? Say hello to the Agentic Era with the ...

Stronger Security with Federated Search for S3, GCP SQL & Australian Threat ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Accelerating Observability as Code with the Splunk AI Assistant

We’ve seen in previous posts what Observability as Code (OaC) is and how it’s now essential for managing ...