Hello,
I have created a Http Event Collector token for a user. He is using a AWS lambda function in order to access the SPLUNK_HEC_URL and he is receiving the following error:
error0407006A:rsa routines: RSA_padding_check_PKCS1_type_1:invalid padding:../deps/openssl/openssl/cryp
error:04067042:rsa routines: RSA_EAY_PUBLIC_DECRYPT: padding check failed: ../dep/openssl/crypto/rsa/rsa_eay.c: 693:"
error:14000D04B: SSL routines: SSL routines : ssl3_get_key_exchange : bad signature: ../deps/openssl/openssl/ssl/s4_
"_errnoException (util.js : 1022 : 11)"
Has anyone come across this issue before? And if so, can you please assist?
What language is he using? Try disabling SSL certificate validation on the request to Splunk.
He is using json. No I have not, how and where do you disable the SSL certificate?
Hmm, json is not a programming language, rereading your original error I believe it's NodeJS. So he could do the following in his code:
Add
process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
in code, before calling https.request()