We are running Splunk 4.1.4 and I have enabled sslv3 and that works fine, however I am unable to specify (and make work) strong ciphers.
We need to specifically disable DES-CBC-SHA
When running btool debug I see the ciphers being specified but I still can connect to the web interface.
system [SSL] system cipherSuite = HIGH:MEDIUM system [default] voxeoui [settings] system SSOMode = permissive
The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).
UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information.
It looks like the most recent version of CherryPy (3.2: http://www.cherrypy.org/wiki/WhatsNewIn32#SSL) allows the use of the Python ssl module, which I believe would allow for the selection of cipher suites. Any word on when this support will be available in Splunk?
We cannot be specific about forthcoming release milestones, but suffice it to say that we understand the need to specify cipher suites in web.conf.