|
Hello, We are running Splunk 4.1.4 and I have enabled sslv3 and that works fine, however I am unable to specify (and make work) strong ciphers. We need to specifically disable DES-CBC-SHA When running btool debug I see the ciphers being specified but I still can connect to the web interface. HELP! |
|
The cipher suite that you have specified in server.conf is effective for the SSL/TLS of splunkd's management port (port 8089 by default). UPDATE: although in 4.0 through 4.2.5 it is not possible to specify a cipher suite for Splunk Web (port 8000 by default), in Splunk 4.3 and beyond, web.conf does accept the cipherSuite setting; see this link for more information. It looks like the most recent version of CherryPy (3.2: http://www.cherrypy.org/wiki/WhatsNewIn32#SSL) allows the use of the Python ssl module, which I believe would allow for the selection of cipher suites. Any word on when this support will be available in Splunk?
(07 Sep '11, 17:40)
dshpritz
We cannot be specific about forthcoming release milestones, but suffice it to say that we understand the need to specify cipher suites in web.conf.
(08 Sep '11, 08:57)
araitz ♦
Looks like this is addressed by Splunk 4.3: http://blogs.splunk.com/2012/01/10/splunk4-3-shiny-new-security-features/
(10 Jan '12, 09:54)
dshpritz
|