Importance of OpenSSL 3.0

In the ever-evolving landscape of digital security, staying ahead of threats and ensuring organizational protection is paramount. Enter OpenSSL3.0—a major step forward in modernizing cryptographic standards and compliance. OpenSSL3.0 is redefining how organizations and developers safeguard their digital environments. Many standards now require OpenSSL3.0 to remain secure and compliant; explore the Splunk Enterprise Beta program to begin hardening your deployment and applications today to be ready for fast moving compliance requirements. In addition, the Splunk Health Assistant Add-On, available through Splunkbase, supplements the Splunk Enterprise Monitoring Console with new validations, allowing customers to update the validation logic before upgrading their Splunk Enterprise deployment.

Updating OpenSSL 3.0 is only one of several major modernizations and changes coming up in the next Splunk Enterprise and Splunk Cloud Platform release. Learn about the updates in this Lantern Article.

Hold On, Remind Me About OpenSSL. What Is It?

OpenSSL is a third-party, open-source library fundamental to Splunk’s Public Key Infrastructure, used for secure communications (TLS/SSL), encryption, signing and hashing. OpenSSL plays a crucial role in securing communications over computer networks, generating private keys, creating Certificate Signing Requests (CSRs), installing SSL/TLS certificates, and identifying certificate information. With the advent of OpenSSL 3.0, a significant update has ushered in new features and improvements that are essential for modern applications and infrastructure.

Great. So, What Is OpenSSL 3.0 and What’s New About It?

OpenSSL3.0 offers a more modular architecture, adds new cryptographic algorithms, and removes insecure ones (such as MD5, RC4, and SSL3.0) to address security issues. It is also a necessary step for updating other dependencies in the Splunk platform, such as Python 3.9 and KV Service.

While the OpenSSL 3.0 library no longer includes support for the deprecated TLS 1.0 and TLS 1.1 protocols and these protocols are not available when the Splunk platform is run in FIPS mode, Splunk has added support for these protocols into the OpenSSL 3.0 package that is shipped with the next version of the Splunk platform in an effort to reduce disruption associated with customer upgrades. However, we encourage all customers and app developers to prioritize migration to TLS 1.2.

What Makes OpenSSL 3.0 More Secure?

OpenSSL3.0 delivers numerous security improvements over its predecessors. An ongoing list of these enhancements is published by OpenSSL, ensuring transparency and continuous updates for users. Explore the detailed security improvements here.

Why Move To OpenSSL 3.0?

Migrating to OpenSSL3.0 is an industry best practice due to its extensive security improvements over OpenSSL 1.0.2, which is included in Splunk platform versions 9.4 and lower. OpenSSL3.0 is also required for compliance with crucial security standards, including the FIPS 140-3 revision, mandatory for all US federal agency customers by September 2026.

OpenSSL3.0 provides cryptographic algorithms and protocols that application developers may need to communicate securely with external services. Its modular architecture allows for enhanced flexibility and security in many application contexts.

Updating to OpenSSL3.0 represents a significant advancement for Splunk. Developers and administrators can expect improved support for modern protocols and more predictable upgrade paths, ultimately benefiting from the latest features and enhanced security.

What Actions Can I Take?

All Splunk App Developers can sign up for our Splunk Enterprise Beta and review this Splunk Community Blog for information on how to test their Splunk app compatibility with OpenSSL3.0.

OpenSSL3.0 is a significant milestone in the journey towards more secure and reliable digital communications. By staying informed and proactive, developers and organizations can ensure their systems remain robust and compliant with current standards. For a detailed overview of the upcoming changes in the next Splunk Enterprise and Splunk Cloud Platform update, visit this Lantern Article.

Michelle Moreira

Michelle is a Product Marketing Manager at Splunk, specializing in Splunk Enterprise and Splunk Cloud Platform. With a degree in Business & Technology from Stevens Institute of Technology, she has a robust background in Cybersecurity, Product Marketing, and Technology Consulting for enterprise organizations. Michelle is dedicated to helping data tell compelling stories and shaping them into clear, actionable insights for customers. Passionate about unifying customer's data ecosystems, she focuses on creating easy-to-manage and comprehensive data narratives. Outside of work, Michelle enjoys running, reading, traveling, and networking.

Tedd Hellmann

Tedd Hellmann has been empowering Splunk application developers since May '16.

Platform 5 Min Read

Cyclical Statistical Forecasts and Anomalies – Part 4

Discover an alternative technique of detecting anomalies and creating alerts with the Machine Learning Toolkit.

Platform 2 Min Read

Revolutionize Data Ingestion: Introducing Terraform Support for Splunk Cloud Platform

Splunk Cloud introduces Terraform support for Index, IP list, & HEC token management for efficient data ingestion.

Platform 2 Min Read

Show it Off with Splunk TV! More Ways to Display Your Best Dashboards

Splunk TV lets you easily display your data on the big screen to visualize and monitor what’s going on in your business.

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.