Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,367,721
Community Members
 
Community Events
168
Community Groups

Fisheye with PKCS12 directly utilized

Mike Rathwell Community Leader Aug 31, 2015

I currently have Confluence, JIRA, Crowd, and Bamboo configured to use the PKCS12 for SSL directly.

I am trying to find out if I can do the same with Fisheye. All I can see are the common commands to generate the various certificate types typically used by Java that are in the other configuration documents. In interest of consistency in my environment is there a way to configure Fisheye with the equivalent Tomcat keystoreType=PKCS12 switch?

1 answer

0 votes

See this https://confluence.atlassian.com/fisheye/fisheye-ssl-configuration-298976938.html page, it explains how to use PKCS12 certificates with FishEye. Kind regards, Piotr

Mike Rathwell Community Leader Sep 01, 2015

Piotr, I did see that page... It doesn't do what I was looking for (and the Atlassian Answers site told me I had blacklisted words when I tried to explain it more fully). In my JIRA, Bamboo, and Confluence instances, I use the PKCS12 DIRECTLY. I can set the keystoreType in the server.xml config file and just point at it without extracting the other variants of the certificate to use in traditional java keystore mode. What i was looking for was how to do that...

Mike Rathwell Community Leader Sep 01, 2015

Adding to my comment... What I'd be looking for is what is described in the server.xml for my Confluence, JIRA, Bamboo, and Crowd instances... The Connector statement is in the following form: <Connector port="443" maxHttpHeaderSize="8192" maxThreads="300" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" SSLEnabled="true" keystoreFile="<filesystempath>\corpWildcardwithChain.pfx" keystorePass="password" keystoreType="PKCS12"/>

Mike, Thanks for clarification. At the moment the only keystore format supported by FishEye/Crucible is JKS. I can see Jetty (embedded in FishEye/Crucible) supports PKCS12 keystores, so seems like there are no reasons to not consider such improvement. Would you consider raising a public issue in http://jira.atlassian.com/browse/FE project and vote on it, please? Kind regards, Piotr

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events