News Tips & Tricks

YouTrack InCloud Discontinues HTTP Support

We at JetBrains care about the security of our customers’ data. It is extremely important that we keep it safe for you.
As you might know, YouTrack InCloud instances use the HTTPS protocol by default, but this wasn’t always the case. We also give you the option to disable HTTPS for your instance. To make YouTrack more secure, we have decided to discontinue support for HTTP connections.

Who is affected?
This change affects YouTrack InCloud instances where:

  • The instance was registered before December 2015 and is not configured to use HTTPS. Instances created after this date use HTTPS by default.
  • The HTTPS only setting has been manually disabled, allowing unsecured connections over HTTP. To verify this setting, check the Domain Settings page.
  • The instance uses a custom domain name and does not have a valid SSL certificate for the custom domain.
  • The instance accepts HTTP requests from external integrations that use the REST API.

What does it mean?
If you interact with YouTrack in your browser, you basically don’t have to do anything. You will be redirected to use an HTTPS connection automatically.

All of the instances that are hosted on the *.myjetbrains.com domain will switch to HTTPS.

If you have a custom domain set up for your instance, we will automatically generate a certificate signed by Let’s Encrypt for you. You will still be able to set up your own certificates, so no changes will be applied to certificates that were installed previously.

The only situation that requires action on your part is when you have external integrations that access data in YouTrack using the REST API over an unsecured connection. In this case, you need to update these integrations to use HTTPS. Otherwise, the connections are refused and the integration is broken.

When will it happen?
We plan to disable HTTP access in approximately one month. To ensure that your integrations work properly, make sure that all of your applications that use the YouTrack REST API are updated to use HTTPS before then.

Thank you for using YouTrack.
If you have any questions, please contact our support team.

image description