Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

How do I configure JIRA Service Management to use SSL?

I am struggling with finding the proper way to configure SSL for a JIRA Service Management Data Center implementation.   

I did find a guide on how to do this for the JIRA product itself, but it does not appear to be applicable because it needs additional JAVA setup on the server.   The JIRA Service Management installation bundle for Windows is supposed to come pre-configured with it's own JAVA, so should not be needed.

Can anyone help point me in the right direction to get started?

3 answers

2 accepted

0 votes
Answer accepted

I was able to get the Java key store built, and certificates added from my CA.  Instead of continuing with the config\server.xml manual changes, I installed a new version of Java Runtime Environment and ran the "config.bat" tool that was mentioned a little further up in this same guide.   I adjusted the entries as it said, doing HTTPS only, set the port to 8443, and directed to the keystore.  All tested successfully.

After a reboot however, I am now getting an error on the webpage startup at https://xxx:8443 that "The Server.xml file is missing parameters needed by JIRA to handle requests that contain special characters."

Investigating, but if anyone knows anything real quick, please chime in :)  

Thank you,

Dirk Ronsmans Community Leader Jul 07, 2021

Hey @Scott Barr ,

you need to make sure your tomcat connectors have the part for the special characters. 

this thread seems to explain it pretty well.

So I was just looking at that, and those lines are in both the HTTP and HTTPS connectors already.  Seems to now be there by default.   Very weird.  Still investigating.

And are the connectors uncommented?

also make sure those are the only connectors that are active


feel free to post your server.xml if you can maybe more eyes can find the error

I think I'm struggling with the xml formatting and understanding what I'm seeing.    I cannot share due to regulations at my job, unfortunately.

When I open with Notepad, it looks like both my HTTP and HTTPS connectors are commented out using <!--    -->.  Some lines at the bottom are not commented out, but I do not see a "connector" line down there.   BUT when I look at the .xml using a web browser, I see a connector port entry listed at the bottom.  I do not see these lines when editing the .xml file!   

I'm probably struggling with just a basic understanding learning curve here... 

Dirk Ronsmans Community Leader Jul 07, 2021

Those bottom parts are related to the config but not a connector. One of those (preferably the HTTPS) one will need to be commented in (if you get me)

just remove the <!—- —> arround that one


So I added :

relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"


To the configuration at the very bottom of the XML, as when I looked further into it, it seemed to be a valid connection configuration.  I rebooted and now https seems to be working with no errors on the startup page like before!.   Those HTTP and HTTP connectors in the middle are still commented out... but if you say they should be uncommented, maybe I need to look into that.  I might experiement some.

I think I am finally good now though.  Big learning curve for me.   Thank you for the nudges in the right direction Dirk!  


Dirk Ronsmans Community Leader Jul 07, 2021

Ah yes, it’s hard to see without seeing the   XML. 

most likely the config batch file added a connector without the relaxed chars but with your certificate information. 

Good luck on learning more!

0 votes
Answer accepted
Dirk Ronsmans Community Leader Jul 05, 2021

Hey @Scott Barr ,

Could you share the guide you found, I'd like to see how it suggests you set it up.

There are several ways of doing this 

  • in the tomcat configuration
  • using a reverse proxy
  • ..;

The official suggestion you can find here

Good morning,  Sorry I did not respond yesterday.  I had apparently done something wrong and the forums would not let me post :)  

This is the guide that is confusing me.  I used the Windows installer that is supposed to come prepackaged with a JRE that is to be used, however none seem to be present.  None of the steps in the guide function for me, as I cannot launch java apps, nor can I seem to set the JAVA HOME information.  

Despite what the documentation says(in multiple places i see note of using the built in JRE that comes with the pre-packaged solution), should I just go ahead and install Oracle JRE 11 or some such to do this?  

Appreciate any assistance, I am very new to web type development and configuring SSL.

Edit : To be more clear, I am using the x64 Windows installer for JIRA Service Management only.  Nothing else has been installed except Postgres SQL 11.

Thank you!

I am thinking more clearly today, and I've identified the JAVA_HOME(JRE_HOME?) location to be 


keytool is located here so I am no longer stuck.  Working on the document you sent.  Thank you :)

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events