Splunk Enterprise Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

KV Store communication fails with TLS errors after upgrading from 9.4.3 to 10.0.1

afx
Contributor
a month ago

After upgrading from 9.4.3 to 10.0.1 I run in the following TLS errors from mongod.log:

2025-10-16T08:59:56.224Z I  NETWORK  [listener] connection accepted from 127.0.0.1:34164 #1490 (1 connection now open)
2025-10-16T08:59:56.233Z E  NETWORK  [conn1490] SSL peer certificate validation failed: unsupported certificate purpose
2025-10-16T08:59:56.233Z I  NETWORK  [conn1490] Error receiving request from client: SSLHandshakeFailed: SSL peer certificate validation failed: unsupported certificate purpose. Ending connection from 127.0.0.1:34164 (connection id: 1490)
2025-10-16T08:59:56.233Z I  NETWORK  [conn1490] end connection 127.0.0.1:34164 (0 connections now open)
2025-10-16T08:59:56.233Z W  NETWORK  [ReplicaSetMonitor-TaskExecutor] The server certificate does not match the host name. Hostname: 127.0.0.1 does not match SAN(s):

For the SAN all Domain names and the IO are listed, but not localhost.

Any ideas how to get around the multipurpose requirement? Our CA does not provide them. I can get around the 127.0.0.1 entry via options, but the purpose thing seems to be a showstopper.

Labels (1)
Labels
0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Shape the Future of Splunk: Join the Product Research Lab!

Join the Splunk Product Research Lab and connect with us in the Slack channel #product-research-lab to get ...