Community:SplunkwebSSLv3

From Splunk Wiki

Jump to: navigation, search

Note: In Splunk 4.x, this is normally supported setting. See http://www.splunk.com/base/Documentation/latest/Admin/Webconf

If you want to have your version 3.x SplunkWeb accept only SSL version 3 connections modify $SPLUNK_HOME/etc/SplunkWeb.tac to include:

  • SSL library
    • from OpenSSL? import SSL
  • Restriction for ssl v3
    • sslmethod=SSL.SSLv3_METHOD

OLD ssl config:

 else:
   # bring up SSL http port
   privKeyPath = ourSearchService.getPrivKeyPath()
   cacertPath = ourSearchService.getCertPath()
   sslContext = ssl.DefaultOpenSSLContextFactory(
     ourSearchService.webRootPath() + privKeyPath,
     ourSearchService.webRootPath() + cacertPath,
   )

NEW ssl config:

 else:
   # bring up SSL http port
   privKeyPath = ourSearchService.getPrivKeyPath()
   cacertPath = ourSearchService.getCertPath()
   from OpenSSL import SSL
   sslContext = ssl.DefaultOpenSSLContextFactory(
     ourSearchService.webRootPath() + privKeyPath,
     ourSearchService.webRootPath() + cacertPath,
     sslmethod=SSL.SSLv3_METHOD
   )

Personal tools
Hot Wiki Topics


About Splunk >
  • Search and navigate IT data from applications, servers and network devices in real-time.
  • Download Splunk