Community:SplunkwebSSLv3
From Splunk Wiki
Note: In Splunk 4.x, this is normally supported setting. See http://www.splunk.com/base/Documentation/latest/Admin/Webconf
If you want to have your version 3.x SplunkWeb accept only SSL version 3 connections modify $SPLUNK_HOME/etc/SplunkWeb.tac to include:
- SSL library
- from OpenSSL? import SSL
- Restriction for ssl v3
- sslmethod=SSL.SSLv3_METHOD
OLD ssl config:
else:
# bring up SSL http port
privKeyPath = ourSearchService.getPrivKeyPath()
cacertPath = ourSearchService.getCertPath()
sslContext = ssl.DefaultOpenSSLContextFactory(
ourSearchService.webRootPath() + privKeyPath,
ourSearchService.webRootPath() + cacertPath,
)
NEW ssl config:
else:
# bring up SSL http port
privKeyPath = ourSearchService.getPrivKeyPath()
cacertPath = ourSearchService.getCertPath()
from OpenSSL import SSL
sslContext = ssl.DefaultOpenSSLContextFactory(
ourSearchService.webRootPath() + privKeyPath,
ourSearchService.webRootPath() + cacertPath,
sslmethod=SSL.SSLv3_METHOD
)