I changed Splunk from using SSLv3 to TLSv1.2, and ...

bosburn_splunk · ‎01-22-2015

I changed Splunk to use TLSv1.2 and disabled SSLv3, now my java portlet using the Java SDK will no longer connect. Why?

OR

I upgraded to the Java 8u31 (which was recently released) and they disabled SSLv3. My apps no longer connect. Why?

ntbahriti_splun · ‎07-22-2015

With the Splunk SDK version 1.4.0 you don't need to modify, compile and repackage the HttpService.java in the JAR.
There are explanations and a working code example, last paragraph at:
http://answers.splunk.com/answers/209379/no-appropriate-protocol-protocol-is-disabled-or-ci.html#ans....

bosburn_splunk · ‎01-22-2015

By default, the Splunk Java SDK will use SSLv3 to connect. You will need to change this to TLS per the following instructions. This will be changed in a future release.

You will have to modify HttpService.java and change the following lines:

SSLContext context = SSLContext.getInstance("SSL");
to
SSLContext context = SSLContext.getInstance("TLSv1.2");

public static final String[] PROTOCOLS = {"SSLv3"};
to
public static final String[] PROTOCOLS = {"TLSv1.2"};

You will have to recompile the jar and redeploy it as well.

I changed Splunk from using SSLv3 to TLSv1.2, and the Splunk Java SDK will not connect..

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms