The venerable old-skool Splunk forums are now closed. Feel free to search for old content here, but new posts are no longer supported.

Instead, please visit the thriving community at answers.splunk.com to ask and answer questions about your Splunk deployment and how to get the most out of it.

Forums: SplunkAdministration: Disable weaker SSL versions

Previous Topic: trouble searching with fields  |   Next Topic: _whitelist for a dir and file in same path


Posts 1–2 of 2
1
posted by: Jon.Prentice@j2global.com  |  posts
date: September 19, 2008
permalink

Our scans show that weaker versions of SSL are enabled (such as SSLv2) how can Splunk be configured to disable these and use specific stronger versions? I've looked through the documentation and config files but don't see any way to control SSL other than the ON/OFF switch.

Thanks!
Jon

2
posted by: araitz  |  posts
date: September 19, 2008
permalink

This is a false positive to some extent - although Splunk will present SSLv2 at negotiation at handshake on SSLv3 is used. This is the default behavior of OpenSSL.