Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why am I getting a Splunk JAVA SDK handshake_failure trying to log in to Splunk remotely?

junwhuan
New Member
‎01-06-2015 12:00 PM

I am using the JAVA SDK and the example online. I tried to login the remote internal Splunk, but get error message:
Exception in thread "main" java.lang.RuntimeException: Received fatal alert: handshake_failure
at com.splunk.HttpService.send(HttpService.java:345)
at com.splunk.Service.send(Service.java:1268)
at com.splunk.HttpService.post(HttpService.java:243)
at com.splunk.Service.login(Service.java:1099)
at com.splunk.Service.login(Service.java:1079)
at com.nokia.here.ccod.padashboard.splunk.SplunkTest.main(SplunkTest.java:19)
Caused by: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:136)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:1822)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1004)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1188)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1215)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1199)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:476)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.jav...
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1031)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:230)
at com.splunk.HttpService.send(HttpService.java:338)
... 5 more

However, I have fully tested the login function with NODEJS SDK and Curl command. No problem to login the remote Splunk. Can any one answer my question? Thank you!

I downloaded the SDK from splunk website and it is splunk-sdk-java-1.3.1.jar And here is the code:
ServiceArgs loginArgs = new ServiceArgs();
loginArgs.setUsername("xxxx");
loginArgs.setPassword("xxxx");
loginArgs.setHost("xxxx");
loginArgs.setPort(8089);
loginArgs.setScheme("https");

    // Create a Service instance and log in with the argument map
    Service service = new Service(loginArgs);
    service.login();
0 Karma
Reply

ntbahriti_splun
Splunk Employee
Splunk Employee
‎07-22-2015 02:27 AM

Use the static method connect() with Service:

ServiceArgs loginArgs = new ServiceArgs();
loginArgs.setUsername("xxxx");
loginArgs.setPassword("xxxx");
loginArgs.setHost("xxxx");
loginArgs.setPort(8089);
loginArgs.setScheme("https");
Service service = Service.connect(loginArgs);

See a full sample at https://answers.splunk.com/answers/209379/no-appropriate-protocol-protocol-is-disabled-or-ci.html

Reply
Get Updates on the Splunk Community!

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureThursday, March 27, 2025  |  11AM PST / 2PM EST | Register NowStep boldly ...

Splunk AppDynamics with Cisco Secure Application

Web applications unfortunately present a target rich environment for security vulnerabilities and attacks. ...