It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Certificafte

We have already certificate , but we need to renew it also it seems not purchased, how can we renew it and also bind with the existing on? 

2 answers

1 accepted

0 votes
Answer accepted

If your self signed certificate has expired, you don't need to renew it, simply generate a new one.

Renewal of certificate is just a terminological thing, in true sense renewal of certificate is generation of new certificate.

Also, for self signed I suggest you generate it for long time, like 20 years. So you don't need to renew/regenerate it again and again.

Dear DPK,

thanks you,

Few questions if you can help in this,

1. I dont have information of the existing on certificate.

2. How can i know if the existing certificate is self signed certificate or purchase one?

3. I check in JIRA staging and production the date of expire  are showing different. That means i have to create two certificate?

4. can you provide with complete procedure and required information how i can prepare certificate. Step by Step.

regards,

 

If you don't have information about certificate it is not advisable to do a guess work.

 

Run this command against both your sites, (default https port is 443)

openssl s_client -showcerts -connect <URL>:<PORT>

It will give you information about certificate that you use to identify type. Check 'subject' and 'issuer' information resulted by above command.

 

Now if you want to generate self signed certificates, and you have your https communication ending on proxy servers like Nginx, or Apache httpd, (this is what most people do) use `openssl` utlity to generate self signed certificate. https://www.ibm.com/support/knowledgecenter/en/SSMNED_5.0.0/com.ibm.apic.cmc.doc/task_apionprem_gernerate_self_signed_openSSL.html

 

If you want your  ssl communication to end on Jira itself, you need to use `keytool` that come with JDK. And following a guide provide Tomcat (Jira itself used tomcat) is what I find best. - https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html

Like Sarmad likes this

Where to RUN this command on JIRA server or any work station?

Should i go to Command prompt 

openssl s_client -showcerts -connect <URL>:<PORT>

You can run this command on any machine from which Jira server is accessible.

openssl s_client -showcerts -connect <JIRA_SERVER_HOSTNAME>:<PORT>

 Yes you will need to run this on Terminal/Command Prompt, but make sure you have openssl installed. Usually it comes preinstalled on Linux. And you can search internet for Windows installers (I don't use windows machines).

Like Sarmad likes this

I will check and get back to you...anyways thanks for your time. and i will need your help for generating certificate. 

We are using WIN 2012R2 server for JIRA instance.

thank you DPK. 

0 votes
Nic Brough Community Leader Sep 07, 2019

You will need to talk to the organisation that provides your certificates.

Most certification authorities have systems that allow you to regenerate your certificates when you need them.

At home, I use "lets encrypt" which is fully automated - when I need a new certificate, a raspberry pi logs in, gets a new one, and applies it to my web server automatically.  I've added a very short script which pokes it into the keystores on the servers running other things that need it.

I am sure its self signed certificate. Also after generating the certificate it needs to be install on each new pc manually. 

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira Service Desk

Tell us how you've implemented Change Management

Hello Community 👋, I'm a product manager at Atlassian, looking at improving change management capabilities across our products. In particular, we're looking at bridging the gap between Dev & ...

155 views 0 4
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you