Solved: Re: Unhash password found on Slave-apps

jaracan · ‎02-26-2019

Hi Team,

We had an app for called "org_full_license_server_ssl" and it contains a server.conf
This server.conf has a parameter called "sslPassword".

Let say, the sslPassword is abcd1234 on this example.

So we had deploy the "org_full_license_server_ssl" using the CM's master-apps, and it was push to the Peer nodes/IDX slave-apps.
We notice that the server.conf's parameter value for sslPassword is a readable "abcd1234". Do we have insights why it did not got hash on the first place?

Or is the best practice to move the "org_full_license_server_ssl" from etc/slave-apps to etc/apps?
I am thinking, it might be the splunk.secret did not take effect if its on the etc/slave-apps

Any thoughts/insights?

Thanks

dkeck · ‎02-27-2019

HI,

its normal that passwords do not get hashed in slave-apps or deplyomentapps.

View solution in original post

isoutamo · ‎06-14-2020

Hi

have you try to put those passwords under local not to default directory? At least some times this has fixed it.

r. Ismo

dkeck · ‎02-27-2019

HI,

its normal that passwords do not get hashed in slave-apps or deplyomentapps.

jaracan · ‎02-27-2019

Hi dkeck,

so the best practice to move the "org_full_license_server_ssl" from etc/slave-apps to etc/apps and then restart it so it will be hash, correct?

dkeck · ‎02-27-2019

Have to be configured on each peer in etc/apps to be hashed yes.

weicai88 · ‎06-12-2020

I am having the same issue. Probably you can get the hash value on the CM, assuming it has the same certificate and splunk secret (which is used to encrypt the password), and plug the hash in the master app, then deploy the bundle to peers.

Unhash password found on Slave-apps

.conf24 | Registration Open!

ICYMI - Check out the latest releases of Splunk Edge Processor

Introducing the 2024 SplunkTrust!