Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Issues using the ciphersuite = in the server.conf

voxeoandree
Engager
‎01-13-2011 06:45 AM

Hello,

We are running Splunk 4.1.4 and I have enabled sslv3 and that works fine, however I am unable to specify (and make work) strong ciphers.

We need to specifically disable DES-CBC-SHA

When running btool debug I see the ciphers being specified but I still can connect to the web interface.

system     [SSL]
system     cipherSuite = HIGH:MEDIUM
system     [default]
voxeoui    [settings]
system     SSOMode = permissive

HELP!

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎01-13-2011 09:01 PM

The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).

UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information.

View solution in original post

Reply
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎01-13-2011 09:01 PM

The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).

UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information.

Reply
Solved! Jump to solution

dshpritz
SplunkTrust
SplunkTrust
‎01-10-2012 09:54 AM

Looks like this is addressed by Splunk 4.3:
http://blogs.splunk.com/2012/01/10/splunk4-3-shiny-new-security-features/

0 Karma
Reply
Solved! Jump to solution

araitz
Splunk Employee
Splunk Employee
‎09-08-2011 08:57 AM

We cannot be specific about forthcoming release milestones, but suffice it to say that we understand the need to specify cipher suites in web.conf.

0 Karma
Reply
Solved! Jump to solution

dshpritz
SplunkTrust
SplunkTrust
‎09-07-2011 05:40 PM

It looks like the most recent version of CherryPy (3.2: http://www.cherrypy.org/wiki/WhatsNewIn32#SSL) allows the use of the Python ssl module, which I believe would allow for the selection of cipher suites. Any word on when this support will be available in Splunk?

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

May 2026 Splunk Expert Sessions: Security & Observability

Level Up Your Operations: May 2026 Splunk Expert Sessions Whether you are refining your security posture or ...

Network to App: Observability Unlocked [May & June Series]

In today’s digital landscape, your environment is no longer confined to the data center. It spans complex ...

SPL2 Deep Dives, AppDynamics Integrations, SAML Made Simple and Much More on Splunk ...

Splunk Lantern is Splunk’s customer success center that provides practical guidance from Splunk experts on key ...