Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence and JIRA Security - Diffie-Hellman for TLS

Mario Günter
Mario Günter
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 26, 2015

Hi,

tested Confluence and JIRA against https://weakdh.org/sysadmin.html

Both are affected. 

Tried to add the cipher attribute to the SSL-Connector in server.xml. 

After that Confluence's Sidebar was hidden an the possibility to edit documents in attachments was gone. 

How did/do you fix that issue? 

Cheers, 

Mario

Answer
Watch
Like Chaos Computer Club Mainz Wiesbaden likes this
336 views

2 answers

1 accepted

0 votes
Answer accepted
Christian Schus3
Christian Schuster May 27, 2015

You can change the Attribute within the Apache and leave the Tomcat be.

Its never a good idea to run a tomcat directly.

Always use an Apache as Proxy.

 

Reply
0 votes
Timothy
Timothy
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
May 27, 2015

What does this have to do with Atlassian? Shouldn't this all be configured in Apache?

View More Comments
T_CON GmbH _ Co_ KG
T_CON GmbH _ Co_ KG May 27, 2015

Is this behaviour related to Apache Tomcat, too? -> "After that Confluence's Sidebar was hidden an the possibility to edit documents in attachments was gone. "

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events