aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-application/src/main
diff options
context:
space:
mode:
authorSimon Brandhof <simon.brandhof@sonarsource.com>2015-01-31 23:04:52 +0100
committerSimon Brandhof <simon.brandhof@sonarsource.com>2015-02-02 21:47:45 +0100
commitb50745d4f87179c3b77f383efbe3e5b934915c1a (patch)
tree05b925f2637d3566ebae6dcdca456b0c0871107e /sonar-application/src/main
parent94e710210a75da9354fe7c1e93ed69d1ca96971c (diff)
downloadsonarqube-b50745d4f87179c3b77f383efbe3e5b934915c1a.tar.gz
sonarqube-b50745d4f87179c3b77f383efbe3e5b934915c1a.zip
SONAR-6140 Ability to restrict list of HTTPS ciphers with the new propert sonar.web.https.ciphers
Diffstat (limited to 'sonar-application/src/main')
-rw-r--r--sonar-application/src/main/assembly/conf/sonar.properties9
1 files changed, 9 insertions, 0 deletions
diff --git a/sonar-application/src/main/assembly/conf/sonar.properties b/sonar-application/src/main/assembly/conf/sonar.properties
index 2b9c3dbdedd..84feed3c14e 100644
--- a/sonar-application/src/main/assembly/conf/sonar.properties
+++ b/sonar-application/src/main/assembly/conf/sonar.properties
@@ -154,6 +154,15 @@
# and 'true' (certificates are required).
#sonar.web.https.clientAuth=false
+# HTTPS - comma separated list of encryption ciphers to support for HTTPS connections.
+# If specified, only the ciphers that are listed and supported by the SSL implementation will be used.
+# By default, the default ciphers for the JVM will be used. Note that this usually means that the weak
+# export grade ciphers will be included in the list of available ciphers.
+# The ciphers are specified using the JSSE cipher naming convention (see
+# https://www.openssl.org/docs/apps/ciphers.html)
+# Example: sonar.web.https.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
+#sonar.web.https.ciphers=
+
# The maximum number of connections that the server will accept and process at any given time.
# When this number has been reached, the server will not accept any more connections until
# the number of connections falls below this value. The operating system may still accept connections