So, we've got a vulnerability scan showing that SSLv3 is enabled on port 8090 on our Splunk 6.5.2 cluster (master, 2 indexers, 1 search head), and for the life of me, I can't figure out where to disable it. I've verified that splunkd is listening on TCP 8090 via netstat, but I can't find the .conf file where it is configured so I can set the sslVersions. The service on the port appears to be identical to port 8089, the mangement port.
Has anybody else seen this port open in their environment or figured out how to disable SSLv3 for this specific port?
Thanks, all.
... View more