We are Bamboo cloud users and as you know the clock is ticking. I ran the jar based wizard that creates an AWS instance running Bamboo. That went smooth so A+ on that. My problem is that I can't figure out how to install an existing SSL cert in Bamboo/Tomcat. We own a Thawte wildcard cert and need to use that cert for this server. I see stuff about CSR which sounds like it is for certs that originated from a request from the Bamboo server machine, but the cert I have was obtained in 2015 way before this process so I think I am in a different situation than described in the documentation. I have a p7s file and I also grabbed a crt version of the cert meant for Apache servers because I saw Tomcat used Apache in some capacity and I had hoped that might work. I don't know how to get either of these to work using your documentation or Thawte's Tomcat documentation.
Given that you guys coded Bamboo / JIRA to require a cert that is not self-signed to integrate them and the fact that Tomcat's cert process seems to be much more complicated than other servers, this has turned out to be a very frustrating and costly (hours lost) process for us. I really need someone to help me figure this out or our companies ability to update our software two weeks from now will grind to a halt.
Don't focus on Tomcat, install the certificate in Apache, which already fronts Bamboo and is already configured for SSL support. Since you already have a version of your cert meant to work with Apache, it should be as easy as replacing /etc/apache2/ssl/apache.key and /etc/apache2/ssl/apache.crt files.
Which files do you have atm? p7s is one, what's the other one?
Those are three files I grabbed off of Thawte's site. I thought to try Apache after I found out Tomcat was "piping" through it. It didn't work but now that I think back maybe I didnt do it right. Cant remember if I followed any instructions or if I just edited the config files using my own assumptions on how it was done. I'm a developer who happens to wear many hats like administering our servers but all that means is I know more than the other people in the office. I'm still pretty much a noob at being a server admin.
Well, you need a public key certificate and it looks like com_apache.crt is what you need. So rename it to apache.crt and put into /etc/apache2/ssl/apache.crt ,
You also need a private key. It's hard to say what's inside p7s. Look here: http://youtube.com/watch?v=TNal4Ke28L8
Maybe the private key is bundled with the cert, then you need to remove the key entry.
If you have certificate in PFX format, you can modify server.xml (which is in <bamboo_install_directory>/conf/server.xml) with the following:
scheme="https" secure="true" SSLEnabled="true" sslProtocol="TLS"
Thanks for signing up for Jira Ops! I’m Matt Ryall, leader for the Jira Ops product team at Atlassian. Since this is a brand new product, we’ll be delivering improvements quickly and sharing updates...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs