We are performing a phasewise scheduled maintenance of our Zephyr for Jira Cloud and Capure for Jira Cloud instances to be compliant with GDPR- Atlassian privacy policy (https://www.atlassian.com/trust/privacy) .Please expect a downtime during this phase of maintenance from Saturday, 01/12/2019, 9:30 PM PST up until Sunday 01/13/2019, 9:30 AM PST.This will be for our phasewise deployment of infrastructure changes, migration utility verification and customer data migration, as part of our GDPR and Atlassian privacy policy compliance efforts.For any further queries regarding this please rasie a ticket by using the option 'Submit a Ticket' below
Support | Zephyr



How to disable SSLv3 on rtmps port in Zephyr Enterprise Edition

Created on

Problem

How to disable SSLv3 on rtmps port in Zephyr Enterprise Edition

Fix

In services-config.xml, the protocol stay as TLS that doesn't change, what you would need to do is limit the Ciphers allowed which wouldn't include any that are supported by sslv3. Some suggested ciphers to use are configured below

clientAuth="false" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" sslProtocol="TLS"

<keystore-type>JKS</keystore-type>
<keystore-file> </keystore-file>
<keystore-password> </keystore-password>
<alias> </alias>
<protocol>TLS</protocol>
<enabled-cipher-suites>
<cipher-suite>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA </cipher-suite>
<cipher-suite>TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384</cipher-suite>
<cipher-suite>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA </cipher-suite>
<cipher-suite>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384</cipher-suite>
</enabled-cipher-suites>

 

Note : These assume JDK7 is used, If using any ciphers with 256 you would need to install the JCE Unlimited Crypto for the JDK 7 for you to work.

 

 


Knowledge Base Document Information:

---------------------------------------------------------------------------------------------------------------------------

Title: How to disable SSLv3 on rtmps port in Zephyr Enterprise Edition

Product: Zephyr Enterprise Edition

Version: All

Summary: Limiting the Ciphers allowed which wouldn't include any that are supported by sslv3

---------------------------------------------------------------------------------------------------------------


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request
Powered by Zendesk