Solved: Splunk 7.0.0 management port 8089 - SSL handshake ...

dhavamanis · ‎10-24-2017

After upgrade from Splunk version 6.5.3 to 7.0 management port 8089 - SSL handshake failed through curl or wget. but it works through browser, Can you help us how to access over wget /curl,

[splunk@splunk01 tmp]$ wget --no-check-certificate https://myhostname:8089 --debug
DEBUG output created by Wget 1.11.4 Red Hat modified on linux-gnu.

--2017-10-24 17:41:40-- https://myhostname:8089/
Connecting to myhostname:8089... connected.
Created socket 3.
Releasing 0x000000000b74f1a0 (new refcount 0).
Deleting unused 0x000000000b74f1a0.
Initiating SSL handshake.
SSL handshake failed.
Closed fd 3
Unable to establish SSL connection.
[splunk@splunk01 tmp]$

masonmorales · ‎10-24-2017

If you check the _internal index on the server side, do you see any errors related to the connection?

dhavamanis · ‎10-24-2017

yes, getting this error in the splunkd.log while accessing this over curl/wget,

10-24-2017 19:48:59.486 -0400 WARN HttpListener - Socket error from xxx.yyy.zzz.abc while idling: error:1408F10B:SSL routines:SSL3GETRECORD:wrong version number

dhavamanis · ‎10-26-2017

This Splunk known issue (SPL-141961) upgrading to version 6.6 or later. as per workaround after adding the below config in server.conf and its started working.

http://docs.splunk.com/Documentation/Splunk/6.6.0/ReleaseNotes/KnownIssues#Upgrade_issues

[sslConfig]
sslVersions = *,-ssl2
sslVersionsForClient = *,-ssl2
cipherSuite = TLSv1+HIGH:TLSv1.2+HIGH:@STRENGTH

View solution in original post

Splunk 7.0.0 management port 8089 - SSL handshake failed

Re: Splunk 7.0.0 management port 8089 - SSL handshake failed

Re: Splunk 7.0.0 management port 8089 - SSL handshake failed

Re: Splunk 7.0.0 management port 8089 - SSL handshake failed