Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

sourcetree windows 3.0.8 pull calls api.bitbucket.org with TLS 1.0 (BB will force 1.2 on dec-1st)

michael rimli
michael rimli November 21, 2018

Hi Atlassian Sourcetree Community.

 

I saw this link stating that bitbucket will turn off tls 1.0 and 1.1, and only use tls 1.2 starting december-1.  https://bitbucket.org/blog/deprecating-tlsv1-tlsv1-1-2018-12-01

 

So I upgraded sourcetree to the latest windows version, 3.0.8, and did a wireshark/tcpdump network capture.  Most items are good tls 1.2, but when doing a Pull I do see some bad tls 1.0 entries.  I'm on windows 10 pro ver 1703.  Doing git from sourcetree Open->Terminal looks good ( GIT_CURL_VERBOSE=1 git ls-remote https://bitbucket.org/ uses 1.2).  I'm using the built-in git of sourcetree.

 

So i'm concerned that something will break on that date.  Can someone else confirm or deny what I saw, that some part of sourcetree is still using old tls 1.0 ?

Thanks.  -Mike

wireshark_sourcetree_tls1.0.png

Answer
Watch
Like Be the first to like this
379 views

1 answer

0 votes
minnsey
minnsey
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
November 23, 2018

Can you check what version of Git/Git Credential Manager you are using? see https://githubengineering.com/crypto-removal-notice/ for more information.

Sourcetree relies on the OS and should be just using TLS 1.2

Reply

Suggest an answer

Log in or Sign up to answer
Sourcetree
Sourcetree
TAGS
AUG Leaders

Atlassian Community Events

    See all events