Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-12455

SSL documentation should clarify that server.ssl.client-auth is an optional setting

    XMLWordPrintable

Details

    • Suggestion
    • Resolution: Unresolved
    • None
    • Documentation (User)
    • None
    • 1
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Problem Definition

      In the document Securing Bitbucket Server with Tomcat using SSL, section Configure HTTPS in bitbucket.properties, subsection 1a, after the example provided there is an expandable section "What these properties do...".
      Expanding the section shows a reference table in which the property server.ssl.client-auth is mentioned. The explanation provided for this property does not mention that it is optional, making our customers believe that this setting is in fact mandatory.

      Suggested Solution

      The explanation provided should clarify that this setting is optional, and should only be used in very specific business cases where client authentication is required, and that not specifying that setting at all would set the default value of "false" instead of "need" or "want".

      Workaround

      There are no known workarounds at this moment.

      Attachments

        Activity

          People

            chaiss@atlassian.com Christine Haiss (Inactive)
            fkraemer Felipe Kraemer
            Votes:
            3 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated: