I need to disable SSL3 and enable TLS 1.2 across all of Splunk Enterprise. SSL3 is being disabled entirely in my organization.
If I just add "sslVersions = -tls1.1, tls1.2, -sslv2, -sslv3" to the inputs.conf, server.conf (under [sslConfig] ) and web.conf on the Indexer, would this not force all forwarders to use TLS 1.2 (or not connect at all if TLS 1.2 is not enabled on the forwarder)?
I have read a number of questions on this, and I'm not entirely clear how I can be certain that I am using TLS 1.2 exclusively across all Splunk servers.
... View more