If your self signed certificate has expired, you don't need to renew it, simply generate a new one.
Renewal of certificate is just a terminological thing, in true sense renewal of certificate is generation of new certificate.
Also, for self signed I suggest you generate it for long time, like 20 years. So you don't need to renew/regenerate it again and again.
Few questions if you can help in this,
1. I dont have information of the existing on certificate.
2. How can i know if the existing certificate is self signed certificate or purchase one?
3. I check in JIRA staging and production the date of expire are showing different. That means i have to create two certificate?
4. can you provide with complete procedure and required information how i can prepare certificate. Step by Step.
If you don't have information about certificate it is not advisable to do a guess work.
Run this command against both your sites, (default https port is 443)
openssl s_client -showcerts -connect <URL>:<PORT>
It will give you information about certificate that you use to identify type. Check 'subject' and 'issuer' information resulted by above command.
Now if you want to generate self signed certificates, and you have your https communication ending on proxy servers like Nginx, or Apache httpd, (this is what most people do) use `openssl` utlity to generate self signed certificate. https://www.ibm.com/support/knowledgecenter/en/SSMNED_5.0.0/com.ibm.apic.cmc.doc/task_apionprem_gernerate_self_signed_openSSL.html
If you want your ssl communication to end on Jira itself, you need to use `keytool` that come with JDK. And following a guide provide Tomcat (Jira itself used tomcat) is what I find best. - https://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html
You can run this command on any machine from which Jira server is accessible.
openssl s_client -showcerts -connect <JIRA_SERVER_HOSTNAME>:<PORT>
Yes you will need to run this on Terminal/Command Prompt, but make sure you have openssl installed. Usually it comes preinstalled on Linux. And you can search internet for Windows installers (I don't use windows machines).
You will need to talk to the organisation that provides your certificates.
Most certification authorities have systems that allow you to regenerate your certificates when you need them.
At home, I use "lets encrypt" which is fully automated - when I need a new certificate, a raspberry pi logs in, gets a new one, and applies it to my web server automatically. I've added a very short script which pokes it into the keystores on the servers running other things that need it.
Hello Community 👋, I'm a product manager at Atlassian, looking at improving change management capabilities across our products. In particular, we're looking at bridging the gap between Dev & ...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events