Learn about security solutions and standards
Care about security? We do too. Learn what Atlassian does and what you can do too.
Supported security protocols for Atlassian cloud products
As industry security standards evolve for TLS and their associated ciphers, Atlassian will deprecate support for older, less secure protocols and ciphers. See the list below for the most up-to-date supported cipher suites by product.
Atlassian uses a cryptographic technology known as Transport Layer Security (TLS) to secure data sent across the internet between our customers and Atlassian cloud products. TLS provides privacy and data integrity through the use of one or more cipher suites. A cipher suite is a combination of authentication, encryption, and message authentication code algorithms used during the negotiation of security settings and the transfer of data.
Atlassian cloud products affected
This affects all secured traffic (HTTPS) to Atlassian cloud products, including:
Atlassian.com
Atlassian Marketplace
Bitbucket Cloud
Confluence Cloud
Halp
Jira Cloud
Jira Service Desk
Statuspage
Trello
The type of traffic that's impacted includes:
Atlassian cloud product web interfaces viewed in a browser
API calls to Atlassian cloud product API endpoints
Hosted sites on bitbucket.io
Other HTTPS traffic not listed here
Supported TLS protocols
TLS version 1.2 (or higher) is required for all Atlassian products and services. TLS version 1.1 and lower is unsupported. Any version of SSL is unsupported.
Supported cipher suites
Atlassian cloud products may attempt to negotiate with clients using the following cipher suites. These cipher suites provide a good balance of security and performance while maintaining compatibility with almost every client or browser released in the last five years.
Cipher suite | Protocol | atlassian.com, Atlassian MarketPlace, Trello, Halp, Confluence Cloud, Jira Cloud, Jira Service Desk | Bitbucket Cloud | Statuspage |
|---|---|---|---|---|
TLS_AES_128_GCM_SHA256 | TLS 1.3 | ✅ | ✅ | ✅ |
TLS_AES_256_GCM_SHA384 | TLS 1.3 | ✅ | ✅ | ✅ |
TLS_CHACHA20_POLY1305_SHA256 | TLS 1.3 | ✅ | ❌ | ❌ |
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 | TLS 1.2 | ✅ | ❌ | ❌ |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 | TLS 1.2 | ✅ | ✅ | ✅ |
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 | TLS 1.2 | ✅ | ✅ | ✅ |
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 | TLS 1.2 | ❌ | ✅ | ✅ |
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 | TLS 1.2 | ❌ | ✅ | ✅ |
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 | TLS 1.2 | ✅ | ❌ | ❌ |
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 | TLS 1.2 | ✅ | ✅ | ❌ |
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 | TLS 1.2 | ✅ | ✅ | ❌ |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA | TLS 1.2 | ❌ | ❌ | ✅ |
Was this helpful?