Security

Unhash password found on Slave-apps

Communicator

Hi Team,

We had an app for called "orgfulllicenseserverssl" and it contains a server.conf
This server.conf has a parameter called "sslPassword".

Let say, the sslPassword is abcd1234 on this example.

So we had deploy the "orgfulllicenseserverssl" using the CM's master-apps, and it was push to the Peer nodes/IDX slave-apps.
We notice that the server.conf's parameter value for sslPassword is a readable "abcd1234". Do we have insights why it did not got hash on the first place?

Or is the best practice to move the "orgfulllicenseserverssl" from etc/slave-apps to etc/apps?
I am thinking, it might be the splunk.secret did not take effect if its on the etc/slave-apps

Any thoughts/insights?

Thanks

0 Karma
1 Solution

Influencer

HI,

its normal that passwords do not get hashed in slave-apps or deplyomentapps.

View solution in original post

0 Karma

Champion

Hi

have you try to put those passwords under local not to default directory? At least some times this has fixed it.

r. Ismo

0 Karma

Influencer

HI,

its normal that passwords do not get hashed in slave-apps or deplyomentapps.

View solution in original post

0 Karma

Communicator

Hi dkeck,

so the best practice to move the "orgfulllicenseserverssl" from etc/slave-apps to etc/apps and then restart it so it will be hash, correct?

0 Karma

Influencer

Have to be configured on each peer in etc/apps to be hashed yes.

0 Karma

Path Finder

I am having the same issue. Probably you can get the hash value on the CM, assuming it has the same certificate and splunk secret (which is used to encrypt the password), and plug the hash in the master app, then deploy the bundle to peers.

0 Karma