Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Change keystore location for (delegated) Active Directory SSL certificate

Lucas Molenaar
Lucas Molenaar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 11, 2012

Instead of using the JVM keystore (\JIRA\jre\lib\security\cacerts) I like Jira use a different keystore for SSL handshaking with the Active Directory. Where can I set/change the location?

e.g. when creating a connector you can set "keystoreFile=" I want to do the same for the external user directory.

Answer
Watch
Like Mo Beigi likes this
1883 views

1 answer

1 accepted

0 votes
Answer accepted
JohnA
JohnA
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 11, 2012

Hi Lucas,

If Inderstand your question correctly, you are wanting to tell the JVM to look in a different location for it's Keystore, rather than using the default location. If this is indeed the case then you can add an argument to your JAVA_OPTS to tell the JVM to use a different Keystore. To do this just shutdown JIRA, add the following flag to the JAVA_OPTS and restart JIRA again:

-Djavax.net.ssl.keyStore="path-to-file"

All the best,
John

View More Comments
Lucas Molenaar
Lucas Molenaar
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
November 12, 2012

Hi John,

Thanks for your help. I am running Jira as a windows service and like to re-use the keystore containing my domain + user directory (LDAP) certificates. The included cacerts file gets overwritten during upgrade and I do not want to keep copying the file. Also, since the upgrade to 5.2 it no longer picks up the certificate.

Could you please advise how to to update the service so it will make sure the following keystore is used: "c:\certificates\.keystore"?

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events