I wanted to add another gotcha I figured out after running through this answers post. It seems in prior versions to 6.5.2, specifically 6.5.0 and 6.5.1 as tested this worked, but now fails in 6.5.2. Customers had the following setting in their server.conf after upgrade:
[sslConfig]
sslVersions = "tls"
Customers whom upgraded to 6.5.2 found that KVSTORE wouldn't start, but splunkd.log didn't show any syntax issues. Only the mongod.log indicated something was wrong "unknown protocol".
splunkd.log
INFO loader - Server supporting SSL versions SSL3,TLS1.0,TLS1.1,TLS1.2
mongod.log
E NETWORK [conn893] SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
D NETWORK [conn893] SocketException: remote: 127.0.0.1:37578 error: 9001 socket exception [CONNECT_ERROR]
Removing the double quotes from "tls" fixed the the above issue. So the correct syntax is now:
[sslConfig]
sslVersions = tls
A bug has been created - SPL-138443
... View more