Configure SSL/TLS1.2 Fisheye/Crucible jetty

# Do not use p12 store otherwise no ciphers will be available. First convert your p12 store to jks file:
/usr/java/jdk1.8.0_201/bin/keytool -importkeystore -srckeystore jira_keystore.pkcs12 -srcstoretype pkcs12 -srcstorepass XXX -srcalias 1 -destkeystore jira_keystore.jks -deststoretype jks -deststorepass XXX -destalias 1

# Edit $fisheyeInstallDir/config.xml
# Example:
<ssl bind=":8060" keystore="/home/jira/jira_keystore.jks" keystore-password="XXX" truststore="/home/secret/jira_keystore.jks" truststore-password="XXX">
	<includeProtocols>
		<protocol>TLSv1.2</protocol>
	</includeProtocols>
</ssl>

# Example extra secure (might not work):
<ssl bind=":8060" keystore="/home/jira/jira_keystore.jks" keystore-password="XXX" truststore="/home/secret/jira_keystore.jks" truststore-password="XXX">
	<includeProtocols>
		<protocol>TLSv1.2</protocol>
	</includeProtocols>
	<includeCipherSuites>
		<cipherSuite>TLS_RSA_WITH_AES_256_CBC_SHA</cipherSuite>
	</includeCipherSuites>
	<excludeProtocols>
		<protocol>SSLv3</protocol>
	</excludeProtocols>
	<excludeCipherSuites>
		<cipherSuite>SSL_RSA_WITH_3DES_EDE_CBC_SHA</cipherSuite>
		<cipherSuite>SSL_DHE_RSA_WITH_DES_CBC_SHA</cipherSuite>
		<cipherSuite>SSL_DHE_DSS_WITH_DES_CBC_SHA</cipherSuite>
	</excludeCipherSuites>
</ssl>
Share on facebook
Share on google
Share on twitter
Share on linkedin
Share on whatsapp