# Do not use p12 store otherwise no ciphers will be available. First convert your p12 store to jks file:
/usr/java/jdk1.8.0_201/bin/keytool -importkeystore -srckeystore jira_keystore.pkcs12 -srcstoretype pkcs12 -srcstorepass XXX -srcalias 1 -destkeystore jira_keystore.jks -deststoretype jks -deststorepass XXX -destalias 1
# Edit $fisheyeInstallDir/config.xml
# Example:
<ssl bind=":8060" keystore="/home/jira/jira_keystore.jks" keystore-password="XXX" truststore="/home/secret/jira_keystore.jks" truststore-password="XXX">
<includeProtocols>
<protocol>TLSv1.2</protocol>
</includeProtocols>
</ssl>
# Example extra secure (might not work):
<ssl bind=":8060" keystore="/home/jira/jira_keystore.jks" keystore-password="XXX" truststore="/home/secret/jira_keystore.jks" truststore-password="XXX">
<includeProtocols>
<protocol>TLSv1.2</protocol>
</includeProtocols>
<includeCipherSuites>
<cipherSuite>TLS_RSA_WITH_AES_256_CBC_SHA</cipherSuite>
</includeCipherSuites>
<excludeProtocols>
<protocol>SSLv3</protocol>
</excludeProtocols>
<excludeCipherSuites>
<cipherSuite>SSL_RSA_WITH_3DES_EDE_CBC_SHA</cipherSuite>
<cipherSuite>SSL_DHE_RSA_WITH_DES_CBC_SHA</cipherSuite>
<cipherSuite>SSL_DHE_DSS_WITH_DES_CBC_SHA</cipherSuite>
</excludeCipherSuites>
</ssl>
Configure SSL/TLS1.2 Fisheye/Crucible jetty
- April 13, 2019
- 2:46 am