Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do I configure JIRA Service Management to use SSL?

Scott Barr
Scott Barr July 5, 2021

I am struggling with finding the proper way to configure SSL for a JIRA Service Management Data Center implementation.   

I did find a guide on how to do this for the JIRA product itself, but it does not appear to be applicable because it needs additional JAVA setup on the server.   The JIRA Service Management installation bundle for Windows is supposed to come pre-configured with it's own JAVA, so should not be needed.

Can anyone help point me in the right direction to get started?

Answer
Watch
Like Be the first to like this
1550 views

3 answers

2 accepted

0 votes
Answer accepted
Scott Barr
Scott Barr July 7, 2021

I was able to get the Java key store built, and certificates added from my CA.  Instead of continuing with the config\server.xml manual changes, I installed a new version of Java Runtime Environment and ran the "config.bat" tool that was mentioned a little further up in this same guide.   I adjusted the entries as it said, doing HTTPS only, set the port to 8443, and directed to the keystore.  All tested successfully.

After a reboot however, I am now getting an error on the webpage startup at https://xxx:8443 that "The Server.xml file is missing parameters needed by JIRA to handle requests that contain special characters."

Investigating, but if anyone knows anything real quick, please chime in :)  

Thank you,

View More Comments
Dirk Ronsmans
Dirk Ronsmans
Community Champion
July 7, 2021

Hey @Scott Barr ,

you need to make sure your tomcat connectors have the part for the special characters. 

this thread seems to explain it pretty well.

 https://community.atlassian.com/t5/Jira-Software-questions/Tomcat-misconfigured-due-to-requests-for-special-characters-2018/qaq-p/968102

Like
Like
Scott Barr
Scott Barr July 7, 2021

So I was just looking at that, and those lines are in both the HTTP and HTTPS connectors already.  Seems to now be there by default.   Very weird.  Still investigating.

Like
Dirk Ronsmans
Dirk Ronsmans
Community Champion
July 7, 2021

And are the connectors uncommented?

also make sure those are the only connectors that are active

 

feel free to post your server.xml if you can maybe more eyes can find the error

Like
Scott Barr
Scott Barr July 7, 2021

I think I'm struggling with the xml formatting and understanding what I'm seeing.    I cannot share due to regulations at my job, unfortunately.

When I open with Notepad, it looks like both my HTTP and HTTPS connectors are commented out using <!--    -->.  Some lines at the bottom are not commented out, but I do not see a "connector" line down there.   BUT when I look at the .xml using a web browser, I see a connector port entry listed at the bottom.  I do not see these lines when editing the .xml file!   

I'm probably struggling with just a basic understanding learning curve here... 

Like
Dirk Ronsmans
Dirk Ronsmans
Community Champion
July 7, 2021

Those bottom parts are related to the config but not a connector. One of those (preferably the HTTPS) one will need to be commented in (if you get me)

just remove the <!—- —> arround that one

Like
Scott Barr
Scott Barr July 7, 2021

Weird!!!! 

So I added :

relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"

 

To the configuration at the very bottom of the XML, as when I looked further into it, it seemed to be a valid connection configuration.  I rebooted and now https seems to be working with no errors on the startup page like before!.   Those HTTP and HTTP connectors in the middle are still commented out... but if you say they should be uncommented, maybe I need to look into that.  I might experiement some.

I think I am finally good now though.  Big learning curve for me.   Thank you for the nudges in the right direction Dirk!  

Scott

Like
Dirk Ronsmans
Dirk Ronsmans
Community Champion
July 7, 2021

Ah yes, it’s hard to see without seeing the   XML. 

most likely the config batch file added a connector without the relaxed chars but with your certificate information. 

Good luck on learning more!

Like
Reply
0 votes
Answer accepted
Dirk Ronsmans
Dirk Ronsmans
Community Champion
July 5, 2021

Hey @Scott Barr ,

Could you share the guide you found, I'd like to see how it suggests you set it up.

There are several ways of doing this 

  • in the tomcat configuration
  • using a reverse proxy
  • ..;

The official suggestion you can find here 

https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html

View More Comments
Scott Barr
Scott Barr July 6, 2021

Good morning,  Sorry I did not respond yesterday.  I had apparently done something wrong and the forums would not let me post :)  

This is the guide that is confusing me.  I used the Windows installer that is supposed to come prepackaged with a JRE that is to be used, however none seem to be present.  None of the steps in the guide function for me, as I cannot launch java apps, nor can I seem to set the JAVA HOME information.  

Despite what the documentation says(in multiple places i see note of using the built in JRE that comes with the pre-packaged solution), should I just go ahead and install Oracle JRE 11 or some such to do this?  

Appreciate any assistance, I am very new to web type development and configuring SSL.

Edit : To be more clear, I am using the x64 Windows installer for JIRA Service Management only.  Nothing else has been installed except Postgres SQL 11.

Thank you!

Like
Reply
1 vote
Scott Barr
Scott Barr July 6, 2021

I am thinking more clearly today, and I've identified the JAVA_HOME(JRE_HOME?) location to be 

E:\Atlassian\Jira\jre\bin\

keytool is located here so I am no longer stuck.  Working on the document you sent.  Thank you :)

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security