Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How do I update my certificate

Dusty Kirschmann
Dusty Kirschmann September 15, 2017

Im new to Jira and Tomcat as I have taken over the admining of this server.  I need to update the cert on it as we are about to expire but I dont know what to do.  I was looking at docks and they talked about portecle but I am not finding anything to looks like a keystore to open.  The next option is to use openssl but Im not finding commands on how to find the cert or if I can just request a new csr and get my cert and then where to replace it.  Can anyone help?

 

Thanks

Dusty

Answer
Watch
Like Be the first to like this
653 views

2 answers

1 vote
Dave Theodore [Coyote Creek Consulting]
Dave Theodore [Coyote Creek Consulting]
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
September 15, 2017

Where is the cert being managed? If it is being managed in Java, I would recommend moving SSL termination to a reverse proxy server. It is far easier to manage certs this way and doesn't require a restart of the application. This will also allow you to bind to 443 and have the potentially less secure Java application run as an unprivileged user and listen on a high port. Atlassian has this well documented, and it's easy to set up.  They also have the process documented if you're terminating SSL in Tomcat.  I hope this helps.

Reply
0 votes
Dusty Kirschmann
Dusty Kirschmann September 20, 2017

Sorry.  I have been trying to dig through our install.  It looks like the cert is managed with java.  I found the old keystore file but have no clue as to the password since the default does not work.  I created a new keystore and imported my intermediate certs and the jira cert that expires in 2020. I ran the batch file and updated the keystore path, alias etc.  Saved it and made sure the changes were wrote to the server.xml file.  I restarted the jira and tomcat services but when I loaded the webpage the old cert is still being used.  Where can I look for the path that its using the old keystore still?

Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events