diff options
Diffstat (limited to 'sonar-application/src/main/assembly/conf/sonar.properties')
-rw-r--r-- | sonar-application/src/main/assembly/conf/sonar.properties | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/sonar-application/src/main/assembly/conf/sonar.properties b/sonar-application/src/main/assembly/conf/sonar.properties index abc68188936..53fb2cfb207 100644 --- a/sonar-application/src/main/assembly/conf/sonar.properties +++ b/sonar-application/src/main/assembly/conf/sonar.properties @@ -102,6 +102,13 @@ # TCP port for incoming HTTP connections. Disabled when value is -1. #sonar.web.port=9000 + +# Recommendation for HTTPS +# SonarQube natively supports HTTPS. However using a reverse proxy +# infrastructure is the recommended way to set up your SonarQube installation +# on production environments which need to be highly secured. +# This allows to fully master all the security parameters that you want. + # TCP port for incoming HTTPS connections. Disabled when value is -1 (default). #sonar.web.https.port=-1 @@ -156,11 +163,10 @@ # HTTPS - comma separated list of encryption ciphers to support for HTTPS connections. # If specified, only the ciphers that are listed and supported by the SSL implementation will be used. +# By default, the default ciphers for the JVM will be used. Note that this usually means that the weak +# export grade ciphers, for instance RC4, will be included in the list of available ciphers. # The ciphers are specified using the JSSE cipher naming convention (see # https://www.openssl.org/docs/apps/ciphers.html) -# By default, the Mozilla recommendations are followed (Intermediate Compatibility). See -# https://wiki.mozilla.org/Security/Server_Side_TLS#Intermediate_compatibility_.28default.29 -# # Example: sonar.web.https.ciphers=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 #sonar.web.https.ciphers= |