aboutsummaryrefslogtreecommitdiffstats
path: root/sonar-application/src/main/assembly/conf/sonar.properties
diff options
context:
space:
mode:
Diffstat (limited to 'sonar-application/src/main/assembly/conf/sonar.properties')
-rw-r--r--sonar-application/src/main/assembly/conf/sonar.properties12
1 files changed, 9 insertions, 3 deletions
diff --git a/sonar-application/src/main/assembly/conf/sonar.properties b/sonar-application/src/main/assembly/conf/sonar.properties
index abc68188936..53fb2cfb207 100644
--- a/sonar-application/src/main/assembly/conf/sonar.properties
+++ b/sonar-application/src/main/assembly/conf/sonar.properties
@@ -102,6 +102,13 @@
# TCP port for incoming HTTP connections. Disabled when value is -1.
#sonar.web.port=9000
+
+# Recommendation for HTTPS
+# SonarQube natively supports HTTPS. However using a reverse proxy
+# infrastructure is the recommended way to set up your SonarQube installation
+# on production environments which need to be highly secured.
+# This allows to fully master all the security parameters that you want.
+
# TCP port for incoming HTTPS connections. Disabled when value is -1 (default).
#sonar.web.https.port=-1
@@ -156,11 +163,10 @@
# HTTPS - comma separated list of encryption ciphers to support for HTTPS connections.
# If specified, only the ciphers that are listed and supported by the SSL implementation will be used.
+# By default, the default ciphers for the JVM will be used. Note that this usually means that the weak
+# export grade ciphers, for instance RC4, will be included in the list of available ciphers.
# The ciphers are specified using the JSSE cipher naming convention (see
# https://www.openssl.org/docs/apps/ciphers.html)
-# By default, the Mozilla recommendations are followed (Intermediate Compatibility). See
-# https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29
-#
# Example: sonar.web.https.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
#sonar.web.https.ciphers=