Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

How do I configure JIRA Service Management to use SSL?

I am struggling with finding the proper way to configure SSL for a JIRA Service Management Data Center implementation.   

I did find a guide on how to do this for the JIRA product itself, but it does not appear to be applicable because it needs additional JAVA setup on the server.   The JIRA Service Management installation bundle for Windows is supposed to come pre-configured with it's own JAVA, so should not be needed.

Can anyone help point me in the right direction to get started?

3 answers

2 accepted

0 votes
Answer accepted
Dirk Ronsmans Community Leader Jul 05, 2021

Hey @Scott Barr ,

Could you share the guide you found, I'd like to see how it suggests you set it up.

There are several ways of doing this 

  • in the tomcat configuration
  • using a reverse proxy
  • ..;

The official suggestion you can find here 

https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html

Good morning,  Sorry I did not respond yesterday.  I had apparently done something wrong and the forums would not let me post :)  

This is the guide that is confusing me.  I used the Windows installer that is supposed to come prepackaged with a JRE that is to be used, however none seem to be present.  None of the steps in the guide function for me, as I cannot launch java apps, nor can I seem to set the JAVA HOME information.  

Despite what the documentation says(in multiple places i see note of using the built in JRE that comes with the pre-packaged solution), should I just go ahead and install Oracle JRE 11 or some such to do this?  

Appreciate any assistance, I am very new to web type development and configuring SSL.

Edit : To be more clear, I am using the x64 Windows installer for JIRA Service Management only.  Nothing else has been installed except Postgres SQL 11.

Thank you!

0 votes
Answer accepted

I was able to get the Java key store built, and certificates added from my CA.  Instead of continuing with the config\server.xml manual changes, I installed a new version of Java Runtime Environment and ran the "config.bat" tool that was mentioned a little further up in this same guide.   I adjusted the entries as it said, doing HTTPS only, set the port to 8443, and directed to the keystore.  All tested successfully.

After a reboot however, I am now getting an error on the webpage startup at https://xxx:8443 that "The Server.xml file is missing parameters needed by JIRA to handle requests that contain special characters."

Investigating, but if anyone knows anything real quick, please chime in :)  

Thank you,

Dirk Ronsmans Community Leader Jul 07, 2021

Hey @Scott Barr ,

you need to make sure your tomcat connectors have the part for the special characters. 

this thread seems to explain it pretty well.

 https://community.atlassian.com/t5/Jira-Software-questions/Tomcat-misconfigured-due-to-requests-for-special-characters-2018/qaq-p/968102

So I was just looking at that, and those lines are in both the HTTP and HTTPS connectors already.  Seems to now be there by default.   Very weird.  Still investigating.

And are the connectors uncommented?

also make sure those are the only connectors that are active

 

feel free to post your server.xml if you can maybe more eyes can find the error

I think I'm struggling with the xml formatting and understanding what I'm seeing.    I cannot share due to regulations at my job, unfortunately.

When I open with Notepad, it looks like both my HTTP and HTTPS connectors are commented out using <!--    -->.  Some lines at the bottom are not commented out, but I do not see a "connector" line down there.   BUT when I look at the .xml using a web browser, I see a connector port entry listed at the bottom.  I do not see these lines when editing the .xml file!   

I'm probably struggling with just a basic understanding learning curve here... 

Dirk Ronsmans Community Leader Jul 07, 2021

Those bottom parts are related to the config but not a connector. One of those (preferably the HTTPS) one will need to be commented in (if you get me)

just remove the <!—- —> arround that one

Weird!!!! 

So I added :

relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"

 

To the configuration at the very bottom of the XML, as when I looked further into it, it seemed to be a valid connection configuration.  I rebooted and now https seems to be working with no errors on the startup page like before!.   Those HTTP and HTTP connectors in the middle are still commented out... but if you say they should be uncommented, maybe I need to look into that.  I might experiement some.

I think I am finally good now though.  Big learning curve for me.   Thank you for the nudges in the right direction Dirk!  

Scott

Dirk Ronsmans Community Leader Jul 07, 2021

Ah yes, it’s hard to see without seeing the   XML. 

most likely the config batch file added a connector without the relaxed chars but with your certificate information. 

Good luck on learning more!

I am thinking more clearly today, and I've identified the JAVA_HOME(JRE_HOME?) location to be 

E:\Atlassian\Jira\jre\bin\

keytool is located here so I am no longer stuck.  Working on the document you sent.  Thank you :)

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Service Management

Atlympic Event: Jira Service Managemnt

Hello Community!  Quick disclaimer: We are running a contest on Community (The Atlympics!) from July 23rd - August 8th of 2021. If you are interested in participating in this contest (prizes! ...

87 views 0 1
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you