Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal

Recognition

  • Give kudos
  • Received
  • Given

Leaderboard

  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Configuring JIRA server over HTTPS with wildcard certificate

Hi, i'm trying to configure my JIRA Core server for HTTS access using a wildcard certificate but i'm not able :( 

Any Atlassian Tecnical support me?

 

BR 

2 answers

0 votes

Hi @Stefano Sbalchiero,

did u try to import cert into jdk cacert? https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html

Please could you provide JIRA_INST/conf/server.xml configuration?

Ciao,

Fabio

This is my /conf/server file

 

<?xml version="1.0" encoding="UTF-8"?>

<!--Licensed to the Apache Software Foundation (ASF) under one or morecontributor license agreements. See the NOTICE file distributed withthis work for additional information regarding copyright ownership.The ASF licenses this file to You under the Apache License, Version 2.0(the "License"); you may not use this file except in compliance withthe License. You may obtain a copy of the License athttp://www.apache.org/licenses/LICENSE-2.0Unless required by applicable law or agreed to in writing, softwaredistributed under the License is distributed on an "AS IS" BASIS,WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.See the License for the specific language governing permissions andlimitations under the License. -->

-<Server shutdown="SHUTDOWN" port="8005">

<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>

<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>

<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>

<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>


-<Service name="Catalina">

<!--==============================================================================================================DEFAULT - Direct connector with no proxy for unproxied access to Jira.If using a http/https proxy, comment out this connector.============================================================================================================== -->


<!-- Relaxing chars because of JRASERVER-67974 -->


<Connector port="80" bindOnInit="false" disableUploadTimeout="true" acceptCount="100" redirectPort="8443" useBodyEncodingForURI="true" protocol="HTTP/1.1" maxHttpHeaderSize="8192" enableLookups="false" connectionTimeout="20000" minSpareThreads="25" maxThreads="150" relaxedQueryChars="[]|{}^\`"<>" relaxedPathChars="[]|"/>

<!--==============================================================================================================HTTP - Proxying Jira via Apache or Nginx over HTTPIf you're proxying traffic to Jira over HTTP, uncomment the below connector and comment out the others.Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.See the following for more information:Apache - https://confluence.atlassian.com/x/4xQLMnginx - https://confluence.atlassian.com/x/DAFmGQ============================================================================================================== -->


<!--<Connector port="80" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"acceptCount="100" disableUploadTimeout="true" bindOnInit="false" scheme="http"proxyName="<subdomain>.<domain>.com" proxyPort="80"/> -->


<!--==============================================================================================================HTTPS - Proxying Jira via Apache or Nginx over HTTPSIf you're proxying traffic to Jira over HTTPS, uncomment the below connector and comment out the others.Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.See the following for more information:Apache - https://confluence.atlassian.com/x/PTT3MQnginx - https://confluence.atlassian.com/x/DAFmGQ============================================================================================================== -->


<!--<Connector port="80" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"proxyName="<subdomain>.<domain>.com" proxyPort="443"/> -->


<!--==============================================================================================================AJP - Proxying Jira via Apache over HTTP or HTTPSIf you're proxying traffic to Jira using the AJP protocol, uncomment the following connector lineSee the following for more information:Apache - https://confluence.atlassian.com/x/QiJ9MQ============================================================================================================== -->


<!--<Connector port="8009" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"URIEncoding="UTF-8" enableLookups="false" protocol="AJP/1.3"/> -->



-<Engine name="Catalina" defaultHost="localhost">


-<Host name="localhost" autoDeploy="true" unpackWARs="true" appBase="webapps">


-<Context useHttpOnly="true" reloadable="false" docBase="${catalina.home}/atlassian-jira" path="">

<Resource name="UserTransaction" jotm.timeout="60" factory="org.objectweb.jotm.UserTransactionFactory" type="javax.transaction.UserTransaction" auth="Container"/>

<Manager pathname=""/>

<JarScanner scanManifest="false"/>

</Context>

</Host>

<Valve className="org.apache.catalina.valves.AccessLogValve" pattern="%a %{jira.request.id}r %{jira.request.username}r %t "%m %U%q %H" %s %b %D "%{Referer}i" "%{User-Agent}i" "%{jira.request.assession.id}r""/>

</Engine>

</Service>

</Server>

Hi,

did u imported certificate into the cacert' Are u using a reverse proxy?

can you help me to import certificate?

we have a router/firewall  behind JIRA server

Hi Stefano,

please read the following guide  https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html 

Let me know if you have problem with that.

Ciao,

Fabio

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Posted in Jira Core

How to manage many similar workflows?

I have multiple projects that use variations of the same base workflow. The variations depend on the requirements of the project or issue type. The variations mostly come in the form of new statuses ...

4,001 views 11 5
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you