Details
-
Suggestion
-
Resolution: Unresolved
-
None
-
None
-
1
-
Description
Problem Definition
In the document Securing Bitbucket Server with Tomcat using SSL, section Configure HTTPS in bitbucket.properties, subsection 1a, after the example provided there is an expandable section "What these properties do...".
Expanding the section shows a reference table in which the property server.ssl.client-auth is mentioned. The explanation provided for this property does not mention that it is optional, making our customers believe that this setting is in fact mandatory.
Suggested Solution
The explanation provided should clarify that this setting is optional, and should only be used in very specific business cases where client authentication is required, and that not specifying that setting at all would set the default value of "false" instead of "need" or "want".
Workaround
There are no known workarounds at this moment.