Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Issues using the ciphersuite = in the server.conf

voxeoandree
Engager
‎01-13-2011 06:45 AM

Hello,

We are running Splunk 4.1.4 and I have enabled sslv3 and that works fine, however I am unable to specify (and make work) strong ciphers.

We need to specifically disable DES-CBC-SHA

When running btool debug I see the ciphers being specified but I still can connect to the web interface.

system     [SSL]
system     cipherSuite = HIGH:MEDIUM
system     [default]
voxeoui    [settings]
system     SSOMode = permissive

HELP!

Tags (3)
Reply
1 Solution
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎01-13-2011 09:01 PM

The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).

UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information.

View solution in original post

Reply
Solved! Jump to solution
Solution

araitz
Splunk Employee
Splunk Employee
‎01-13-2011 09:01 PM

The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default).

UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information.

Reply
Solved! Jump to solution

dshpritz
SplunkTrust
SplunkTrust
‎01-10-2012 09:54 AM

Looks like this is addressed by Splunk 4.3:
http://blogs.splunk.com/2012/01/10/splunk4-3-shiny-new-security-features/

0 Karma
Reply
Solved! Jump to solution

araitz
Splunk Employee
Splunk Employee
‎09-08-2011 08:57 AM

We cannot be specific about forthcoming release milestones, but suffice it to say that we understand the need to specify cipher suites in web.conf.

0 Karma
Reply
Solved! Jump to solution

dshpritz
SplunkTrust
SplunkTrust
‎09-07-2011 05:40 PM

It looks like the most recent version of CherryPy (3.2: http://www.cherrypy.org/wiki/WhatsNewIn32#SSL) allows the use of the Python ssl module, which I believe would allow for the selection of cipher suites. Any word on when this support will be available in Splunk?

0 Karma
Reply
Get Updates on the Splunk Community!

Cloud Platform & Enterprise: Classic Dashboard Export Feature Deprecation

As of Splunk Cloud Platform 9.3.2408 and Splunk Enterprise 9.4, classic dashboard export features are now ...

Explore the Latest Educational Offerings from Splunk (November Releases)

At Splunk Education, we are committed to providing a robust learning experience for all users, regardless of ...

New This Month in Splunk Observability Cloud - Metrics Usage Analytics, Enhanced K8s ...

The latest enhancements across the Splunk Observability portfolio deliver greater flexibility, better data and ...