I have confluence 5.10 installed on with the packaged tomcat on windows platform.
We have a third party application which can communicate to confluence only over sslv3 protocol.
My question is how can enable the tomcat on confluence server to accept handshakes in sslv3 protocol (in addition to tlsv1, tlsv1.1 and tlsv1.2).
I would stop using this third party application until it is made safe.
sslv3 is broken and not secure. It's regularly probed by bots looking for security holes and when found, used as an attack vector.
You really do not want to enable sslv3.
This protocol is disabled at jvm level you will need to enable it using the below jvm argument
No value, it means SSLv2 and SSLv3 are now enabled as they are disabled by default.
In the Tomcat configuration add SSLv3 to the ssl protocols
Please try on test first. I am assuming you are using Tomcat 8 as it is the only compatible version with 5.10
Good good. Yes, it's pretty much the same in all operating systems.
Find the setenv.bat (setenv.sh on Unix-like systems). Open it up with a text editor and look for where -D is used. Jira's setenv files tend to have a line near the top which says "put debug arguments in here", followed by JVM_ARG="", and it's best to use that for Jira.
Confluence varies by version. In 6.3, there's a lot of lines like
You can add one for this:
Note that this enables a number of other insecure protocols, not just sslv3
Do you use templates with Confluence? Take part in a remote 1-hr workshop. You'll receive USD $100 for your time! We're looking for people to participate in a remote 1-hr workshop...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs