Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Enable SSL on Atlassian Stack

Chris Wolford
Chris Wolford
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
Get involved
August 5, 2019

We're trying to enable SSL's on our server that has Confluence, JIRA, and bitbucket installed. Each software is on a separate port. When we try to enable the SSL's the AD authentication as well as all of the JIRA gagets break. 

Could you please provide documentation on how to apply a SSL to the software. 

Answer
Watch
Like Be the first to like this
336 views

2 answers

0 votes
JP _AC Bielefeld Leader_
JP _AC Bielefeld Leader_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 6, 2019

Hi,

please think about setting up a reverse proxy (Apache HTTPD or nginx) in front of the application servers (Jira, Confluence, Bitbucket) & terminate the SSL there.

https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-apache-http-server-mod_proxy_http-806032611.html

Advantage:

* SSL setup only once & much easier than handling with certificate key files

* More flexible if you need to move a server to another machine or you need a cold standby

Best

JP

View More Comments
Mike Rathwell
Mike Rathwell
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 6, 2019

Good call @JP _AC Bielefeld Leader_ 

I have mine behind an NGINX server (my preference as about 1,936 times easier to get configured right) and it does what you say. Cert changes are simple and quick (only takes seconds to reload the NGINX container when there are new certs rather than bouncing Jira and Confluence).

I configured mine with wildcards so that the same config works for <app>.company.com also works for test.<app>.company.com so I don't have to make new ones for diffferent operating environments/etc. I also went the route of a parent "snake oil" cert which does tend to hide the applications/services a bit from casual scanning.

Like
Reply
0 votes
Mike Rathwell
Mike Rathwell
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 5, 2019

Hi @Chris Wolford 

There isn't a lot to go on in your post but there are rather a lot of things that you need to do to get this going.... 

From these, I suspect you're going to need to add the public key for the AD server to your cacerts file to let Jira/Confluence talk to it via SSL and get responses back...

SSL is always a ton of fun. This article to diagnose SSL connection problems has always been helpful to me as well

Reply

Suggest an answer

Log in or Sign up to answer
Confluence
Confluence
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security