Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,367,620
Community Members
 
Community Events
168
Community Groups

Configuring SSL for FishEye with a keystore having multiple certificates

In the FishEye SSL configuration page, it explains how to configure FishEye for SSL. It suggests creating a certificate and adding it to a Java Keystore and pointing FishEye at it. But what if your Java keystore has multiple certificates stored within it? Does FishEye choose the first one? If all your certificates have aliases, can you tell FishEye which one to use (like Tomcat)?

2 answers

1 accepted

1 vote
Answer accepted
PauloP Rising Star Aug 29, 2012

Hi

1. The system (Fisheye) will try to find a certificate which the related private key is present. So Fisheye will be able to bind the TCP port and wait for SSL requests.

2. If the related keystore has multiple certificate with valid private keys (for each one), it will try to use the certificate which has the CN value equal to the hostname

In Tomcat, you can add the tag keyAlias (case sensitive) on trying to specify the alias that the app. server should use. However, since Fisheye use Jetty, I don't believe that it could works.

However, if would like to try, open config.xml for editing and add the tag keyalias (not sensitive) with the other ones. For further details, please review the following link:

https://confluence.atlassian.com/display/FISHEYE/FishEye+SSL+configuration#FishEyeSSLconfiguration-configuringssl

Cheers

Paulo Renato

Got SSL working on Nexus which also uses Jetty...seems Jetty will default to an alias called... "jetty". Quite obvious when you know the answer... but so frustrating beforehand.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events