Configured a Splunk ETL in environment but it fails after a Splunk Search Heads upgrade to 6.3.3 <----cut----> [2018-01-12 09:21:41] INFO Splunk Connector Core: using SSL security protocol TLSv1 [2018-01-12 09:21:41] FAILED BCO_ETL_ERR011: Detected an abnormal ETL termination. Reason: java.lang.RuntimeException: Received fatal alert: protocol_version at com.splunk.HttpService.send(HttpService.java:409) at com.splunk.Service.send(Service.java:1293) at com.splunk.HttpService.post(HttpService.java:308) at com.splunk.Service.login(Service.java:1122) at com.splunk.Service.login(Service.java:1101) at com.splunk.Service.connect(Service.java:187) at ETL.util.SplunkCoreME.connect(SplunkCoreME.java:137) at com.neptuny.cpit.etl.Engine.start(Engine.java:129) at com.neptuny.cpit.etl.ETLrun.main(ETLrun.java:171) Caused by: javax.net.ssl.SSLException: Received fatal alert: protocol_version at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.Alerts.getSSLException(Alerts.java:154) at sun.security.ssl.SSLSocketImpl.recvAlert(SSLSocketImpl.java:2023) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1125) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream0(HttpURLConnection.java:1283) at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:1258) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(HttpsURLConnectionImpl.java:250) at com.splunk.HttpService.send(HttpService.java:403) ... 8 more <----cut----> |
Make sure have selected the correct protocol TLSv1.2 on the ETL as TLSv1 is obsolete in Java 1.8. So,the ETL configuration was set to use TLSv1. For Java 1.8, which is the version used by TSCO 10.7.01, the default TLS protocol is v1.2. Java 1.6 and 1.7 default is obsoleted TLS1.0. |