diff options
author | Simon Brandhof <simon.brandhof@sonarsource.com> | 2015-02-04 11:05:39 +0100 |
---|---|---|
committer | Simon Brandhof <simon.brandhof@sonarsource.com> | 2015-02-04 11:05:51 +0100 |
commit | bd22041edd9715212bc1c5a92eed393af80de95f (patch) | |
tree | bfcba55454a5449517a491c4bc2cb4a82f5f0013 /sonar-application/src | |
parent | d17a1224ec3140ec939c36a5e939a2c04e5fc741 (diff) | |
download | sonarqube-bd22041edd9715212bc1c5a92eed393af80de95f.tar.gz sonarqube-bd22041edd9715212bc1c5a92eed393af80de95f.zip |
SONAR-6140 use JVM ciphers by default
Diffstat (limited to 'sonar-application/src')
-rw-r--r-- | sonar-application/src/main/assembly/conf/sonar.properties | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/sonar-application/src/main/assembly/conf/sonar.properties b/sonar-application/src/main/assembly/conf/sonar.properties index abc68188936..53fb2cfb207 100644 --- a/sonar-application/src/main/assembly/conf/sonar.properties +++ b/sonar-application/src/main/assembly/conf/sonar.properties @@ -102,6 +102,13 @@ # TCP port for incoming HTTP connections. Disabled when value is -1. #sonar.web.port=9000 + +# Recommendation for HTTPS +# SonarQube natively supports HTTPS. However using a reverse proxy +# infrastructure is the recommended way to set up your SonarQube installation +# on production environments which need to be highly secured. +# This allows to fully master all the security parameters that you want. + # TCP port for incoming HTTPS connections. Disabled when value is -1 (default). #sonar.web.https.port=-1 @@ -156,11 +163,10 @@ # HTTPS - comma separated list of encryption ciphers to support for HTTPS connections. # If specified, only the ciphers that are listed and supported by the SSL implementation will be used. +# By default, the default ciphers for the JVM will be used. Note that this usually means that the weak +# export grade ciphers, for instance RC4, will be included in the list of available ciphers. # The ciphers are specified using the JSSE cipher naming convention (see # https://www.openssl.org/docs/apps/ciphers.html) -# By default, the Mozilla recommendations are followed (Intermediate Compatibility). See -# https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29 -# # Example: sonar.web.https.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 #sonar.web.https.ciphers= |