๐๏ธ Configure SSL Options for HttpRequest
The code here is sample code only and it is not officially supported by Digital.ai. If you have questions, please contact the Digital.ai Support Team.
๐๏ธ Manage Encrypted Passwords in Release
Release provides a mechanism to automatically encrypt passwords and enables you to refer to them, so you do not need to store third-party passwords in plain text in configuration files. To declare a new third-party password:
๐๏ธ Update the Digital Certificate
The Release Setup Wizard can generate a self-signed digital certificate for secure communications. This can cause issues in situations where Release needs to be accessed via a URL other than https5516, because the common name in the certificate is localhost. For more information, see Install Release using a manual setup.
๐๏ธ Trust a Deploy Server's Certificate
If you configured your Deploy server to use a self-signed certificate and then added the server to Release, you will notice that testing the connection fails with the following error:
๐๏ธ Configure Atlassian Crowd Security for Release
Release has a role-based security system with two types of users:
๐๏ธ Use Passwords Variables in a Remote Script Task
Release prevents the improper usage of passwords by allowing password type variables to be used only in password fields.
๐๏ธ Configure HTTP CSRF Protection
Cross site request forgery or CSRF is a class of attack that forces an end user to execute unwanted actions on an application when the user is authenticated. You can configure CSRF protection in Release.
๐๏ธ Configure HTTP sameSite Cookie Configuration
* For better security, Digital.ai Release 22.1 and later support the sameSite attribute of the Set-Cookie HTTP response header allowing session cookies to be restricted to a first-party or same-site context.
๐๏ธ Configure Pendo Analytics and Guidance
Pendo.io is a Product Analytics platform used in Release to enrich the product experience and provide insights to the product management team.
๐๏ธ Security FAQs
What are the implications of deprecating TLS protocol versions 1.0 and 1.1?