Hi,
My bitbucket properties looks like this
server.port=443
server.ssl.enabled=true
server.ssl.enabled-protocol=TLSv1.2
server.secure=true
server.scheme=https
serverserver.ssl.ciphers=HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!kRSA:!3DES:!DHE:!DH
server.ssl.key-store=C:/Atlassian/ApplicationData/Bitbucket/shared/config/bitkeystore
server.ssl.key-store-password=******
server.ssl.key-password=*******
How to disable TLS1.0 and TLS1.1 and weak ciphers
--------------------
when i modify the config something like the below, it disables 1.0, and enabling 1.1 and 1.2
server.ssl.enabled-protocols=TLSv1.2, TLS1.1
However when i keep the config like the below (only TLS1.2)
server.ssl.enabled-protocol=TLSv1.2 .
It enables everything 1.0, 1.1., 1.2
Any help, much appreciated
Thanks
R
Hi Ranjith,
Can you try the following steps?
Bitbucket Server version 5.+
Edit <Bitbucket home directory>
/shared/bitbucket.properties
Add the following to the connector:
server.ssl.enabled=true
server.ssl.enabled-protocols=TLSv1.2
Start Bitbucket Server
Bitbucket Server up to version 4.x
Edit <Bitbucket Home Directory>/shared/server.xml
Add the following to the connector:
SSLEnabled="true"
sslEnabledProtocols="TLSv1.2"
Start Bitbucket Server
Hi Mehmet, Thanks. it got fixed now.
when i run sslscan i see TLS1.2 accepts DHE 1024 bits cipher. Appreciate if we have any fix for this.
Thanks
Ranjith
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.