Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Issues using the ciphersuite = in the server.conf

voxeoandree
Engager
‎01-13-2011 06:45 AM

Hello,

We are running Splunk 4.1.4 and I have enabled sslv3 and that works fine, however I am unable to specify (and make work) strong ciphers.

We need to specifically disable DES-CBC-SHA

When running btool debug I see the ciphers being specified but I still can connect to the web interface.

system     [SSL]
system     cipherSuite = HIGH:MEDIUM
system     [default]
voxeoui    [settings]
system     SSOMode = permissive

HELP!

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎01-13-2011 09:01 PM

The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).

UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information.

View solution in original post

Reply
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎01-13-2011 09:01 PM

The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).

UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information.

Reply
Solved! Jump to solution

dshpritz
SplunkTrust
SplunkTrust
‎01-10-2012 09:54 AM

Looks like this is addressed by Splunk 4.3:
http://blogs.splunk.com/2012/01/10/splunk4-3-shiny-new-security-features/

0 Karma
Reply
Solved! Jump to solution

araitz
Splunk Employee
Splunk Employee
‎09-08-2011 08:57 AM

We cannot be specific about forthcoming release milestones, but suffice it to say that we understand the need to specify cipher suites in web.conf.

0 Karma
Reply
Solved! Jump to solution

dshpritz
SplunkTrust
SplunkTrust
‎09-07-2011 05:40 PM

It looks like the most recent version of CherryPy (3.2: http://www.cherrypy.org/wiki/WhatsNewIn32#SSL) allows the use of the Python ssl module, which I believe would allow for the selection of cipher suites. Any word on when this support will be available in Splunk?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey

Can’t make it to .conf25? Join us online!

Watch Global Broadcast
Get Updates on the Splunk Community!

Community Content Calendar, September edition

Welcome to another insightful post from our Community Content Calendar! We're thrilled to continue bringing ...

Splunkbase Unveils New App Listing Management Public Preview

Splunkbase Unveils New App Listing Management Public PreviewWe're thrilled to announce the public preview of ...

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Are you leveraging automation to its fullest potential in your threat detection strategy?Our upcoming Security ...