Security

DB Connect hangs when attempting to connect to MSSQL using SSL (ssl enforced on database server)

splunkIT
Splunk Employee
Splunk Employee

My DB Connect app has no problem connecting to a non-ssl enforced MSSQL instance. However, when connecting to a ssl enforced MSSQL instance, db connect appears to hang.

One interesting observation is that the problem (hang) seems to be reproducible using a 3rd party app like DBVisualizer to connect using the jTDS driver (same driver use by DB Connect).

1 Solution

splunkIT
Splunk Employee
Splunk Employee

By adding this -Djsse.enableCBCProtection=false param in the java options, I can connect to SSL enabled MSSQL instance without having to add any new parameters in the JDBC connection URL.

This appears to be a java bug:
https://www.aquaclusters.com/app/home/project/public/aquadatastudio/discussion/GeneralDiscussions/po...

https://forums.oracle.com/message/10843957

To workaround it, I have to add "-Djsse.enableCBCProtection=false" to the java options parameter, by appending it in the $SPLUNK_HOME/apps/dbx/local/java.conf file. Here is mine for your reference:

[java]
home = /home/luan/jdk1.7.0_25
options = -Xmx256m -Dfile.encoding=UTF-8 -server -Djsse.enableCBCProtection=false -Duser.language=en -Duser.reg ion=

View solution in original post

pwesterbeek
Engager

Hi,

I spend a whole day trying to connect using all of this above ( and more, i.e. digging through the canyons of the internet), but to no result. Problem was solved when I uninstalled Java 1.8 and reinstalled Java 1.7.

Works like a charm now.

Btw I am using splunk 6.3. on Linux (Ubuntu). Using sqljdbc4.jar from microsoft (https://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=11774) to connect to MS SQL server 12.0.2000

Java.conf:

[java]
home = /usr/lib/jvm/default-java/jre
options = -Xmx256m -Dfile.encoding=UTF-8 -Djsse.enableCBCProtection=false -server -Duser.language=en -Duser.region=

0 Karma

avisatna
New Member

Hi,

I'm getting below error for MS SQL connection,

Encountered the following error while trying to save: Splunkd daemon is not responding: ("Error connecting to /servicesNS/admin/dbx/dbx/databases: ('The read operation timed out',)",)

can please help for this

0 Karma

splunkIT
Splunk Employee
Splunk Employee

By adding this -Djsse.enableCBCProtection=false param in the java options, I can connect to SSL enabled MSSQL instance without having to add any new parameters in the JDBC connection URL.

This appears to be a java bug:
https://www.aquaclusters.com/app/home/project/public/aquadatastudio/discussion/GeneralDiscussions/po...

https://forums.oracle.com/message/10843957

To workaround it, I have to add "-Djsse.enableCBCProtection=false" to the java options parameter, by appending it in the $SPLUNK_HOME/apps/dbx/local/java.conf file. Here is mine for your reference:

[java]
home = /home/luan/jdk1.7.0_25
options = -Xmx256m -Dfile.encoding=UTF-8 -server -Djsse.enableCBCProtection=false -Duser.language=en -Duser.reg ion=

chrisproud
Engager

Hi, I'm experiencing this time-out connecting to a remote SQL 2014. I've tried the java options and arg.ssl=require but neither work. What can I try next? Thanks

My java.conf

[java]
home = C:\Program Files\Java\jre1.8.0_45
options = -Djsse.enableCBCProtection=false

0 Karma

Chubbybunny
Splunk Employee
Splunk Employee

@splunkIT Thanks again!! this worked, now I can go have fun on the farm.

(\__/)
(='.'=)
(")_(")
0 Karma

amiracle
Splunk Employee
Splunk Employee

One quick fix to the statement above, you might want to add the region to this option entry:

options = -Xmx256m -Dfile.encoding=UTF-8 -server -Djsse.enableCBCProtection=false -Duser.language=en -Duser.region=us

0 Karma

yyakovlev
Engager

Hello, i have the same issue during connecting dbx to mssql2012.
I add -Djsse.enableCBCProtection=false to .../apps/dbx/local/java.conf and it's didn't work

Can anybody help me with this?

0 Karma

splunkIT
Splunk Employee
Splunk Employee

@yyakovlev, please open a ticket with splunk support if you still need assistance on db connect.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...