Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

DB Connect hangs when attempting to connect to MSSQL using SSL (ssl enforced on database server)

splunkIT
Splunk Employee
Splunk Employee
‎09-04-2013 09:24 AM

My DB Connect app has no problem connecting to a non-ssl enforced MSSQL instance. However, when connecting to a ssl enforced MSSQL instance, db connect appears to hang.

One interesting observation is that the problem (hang) seems to be reproducible using a 3rd party app like DBVisualizer to connect using the jTDS driver (same driver use by DB Connect).

Reply
1 Solution
Solved! Jump to solution
Solution

splunkIT
Splunk Employee
Splunk Employee
‎09-04-2013 09:28 AM

By adding this -Djsse.enableCBCProtection=false param in the java options, I can connect to SSL enabled MSSQL instance without having to add any new parameters in the JDBC connection URL.

This appears to be a java bug:
https://www.aquaclusters.com/app/home/project/public/aquadatastudio/discussion/GeneralDiscussions/po...

https://forums.oracle.com/message/10843957

To workaround it, I have to add "-Djsse.enableCBCProtection=false" to the java options parameter, by appending it in the $SPLUNK_HOME/apps/dbx/local/java.conf file. Here is mine for your reference:

[java]
home = /home/luan/jdk1.7.0_25
options = -Xmx256m -Dfile.encoding=UTF-8 -server -Djsse.enableCBCProtection=false -Duser.language=en -Duser.reg ion=

View solution in original post

Reply
Solved! Jump to solution

pwesterbeek
Engager
‎11-19-2015 08:21 AM

Hi,

I spend a whole day trying to connect using all of this above ( and more, i.e. digging through the canyons of the internet), but to no result. Problem was solved when I uninstalled Java 1.8 and reinstalled Java 1.7.

Works like a charm now.

Btw I am using splunk 6.3. on Linux (Ubuntu). Using sqljdbc4.jar from microsoft (https://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=11774) to connect to MS SQL server 12.0.2000

Java.conf:

[java]
home = /usr/lib/jvm/default-java/jre
options = -Xmx256m -Dfile.encoding=UTF-8 -Djsse.enableCBCProtection=false -server -Duser.language=en -Duser.region=

0 Karma
Reply
Solved! Jump to solution

avisatna
New Member
‎06-16-2016 10:08 AM

Hi,

I'm getting below error for MS SQL connection,

Encountered the following error while trying to save: Splunkd daemon is not responding: ("Error connecting to /servicesNS/admin/dbx/dbx/databases: ('The read operation timed out',)",)

can please help for this

0 Karma
Reply
Solved! Jump to solution
Solution

splunkIT
Splunk Employee
Splunk Employee
‎09-04-2013 09:28 AM

By adding this -Djsse.enableCBCProtection=false param in the java options, I can connect to SSL enabled MSSQL instance without having to add any new parameters in the JDBC connection URL.

This appears to be a java bug:
https://www.aquaclusters.com/app/home/project/public/aquadatastudio/discussion/GeneralDiscussions/po...

https://forums.oracle.com/message/10843957

To workaround it, I have to add "-Djsse.enableCBCProtection=false" to the java options parameter, by appending it in the $SPLUNK_HOME/apps/dbx/local/java.conf file. Here is mine for your reference:

[java]
home = /home/luan/jdk1.7.0_25
options = -Xmx256m -Dfile.encoding=UTF-8 -server -Djsse.enableCBCProtection=false -Duser.language=en -Duser.reg ion=

Reply
Solved! Jump to solution

chrisproud
Engager
‎05-07-2015 02:31 AM

Hi, I'm experiencing this time-out connecting to a remote SQL 2014. I've tried the java options and arg.ssl=require but neither work. What can I try next? Thanks

My java.conf

[java]
home = C:\Program Files\Java\jre1.8.0_45
options = -Djsse.enableCBCProtection=false

0 Karma
Reply
Solved! Jump to solution

Chubbybunny
Splunk Employee
Splunk Employee
‎03-13-2015 10:40 AM

@splunkIT Thanks again!! this worked, now I can go have fun on the farm. 

(\__/)
(='.'=)
(")_(")
0 Karma
Reply
Solved! Jump to solution

amiracle
Splunk Employee
Splunk Employee
‎05-21-2015 08:24 AM

One quick fix to the statement above, you might want to add the region to this option entry:

options = -Xmx256m -Dfile.encoding=UTF-8 -server -Djsse.enableCBCProtection=false -Duser.language=en -Duser.region=us

0 Karma
Reply
Solved! Jump to solution

yyakovlev
Engager
‎03-12-2015 07:54 AM

Hello, i have the same issue during connecting dbx to mssql2012.
I add -Djsse.enableCBCProtection=false to .../apps/dbx/local/java.conf and it's didn't work

Can anybody help me with this?

0 Karma
Reply
Solved! Jump to solution

splunkIT
Splunk Employee
Splunk Employee
‎03-13-2015 10:46 AM

@yyakovlev, please open a ticket with splunk support if you still need assistance on db connect.

0 Karma
Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...