Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Installing Let's Encrypt SSL on JIRA

Hello,

 

I was trying to install let's encrypt ssl on my jira software. I made a domain under the name jira.nitsonline.in, I followed this guide to install the let's encrypt on this particular domain. I was able to do all the steps required, but whenever I try to start jira it doesn't show running on any of my ports.

netstat -ntlp

(Not all processes could be identified, non-owned process info

will not be shown, you would have to be root to see it all.)

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    

tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      -                   

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                   

tcp6       0      0 127.0.0.1:44531         :::*                    LISTEN      -                   

tcp6       0      0 :::7990                 :::*                    LISTEN      -                   

tcp6       0      0 :::22                   :::*                    LISTEN      -                   

tcp6       0      0 127.0.0.1:7992          :::*                    LISTEN      -                   

tcp6       0      0 ::1:7992                :::*                    LISTEN      -                   

tcp6       0      0 127.0.0.1:7993          :::*                    LISTEN      -                   

tcp6       0      0 ::1:7993                :::*                    LISTEN      -                   

tcp6       0      0 :::7999                 :::*                    LISTEN      -                   

tcp6       0      0 127.0.0.1:38143         :::*                    LISTEN      -                   

tcp6       0      0 :::5701                 :::*                    LISTEN      - 

Whenever I try to start the jira it doesn't show any error:

 

sudo /etc/init.d/jira start


To run JIRA in the foreground, start the server with start-jira.sh -fg

executing using dedicated user: jira


                  `sMMMMMMMMMMMMMM+

                     MMMMMMMMMMMMMM

                     :sdMMMMMMMMMMM

                             MMMMMM

          `sMMMMMMMMMMMMMM+  MMMMMM

             MMMMMMMMMMMMMM  +MMMMM

              :sMMMMMMMMMMM   MMMMM

                     MMMMMM    `UOJ

   `sMMMMMMMMMMMMM+  MMMMMM

     MMMMMMMMMMMMMM  +MMMMM

      :sdMMMMMMMMMM   MMMMM

             MMMMMM    `UOJ

             MMMMMM

             +MMMMM

              MMMMM

               `UOJ




      Atlassian Jira

      Version : 8.3.2

                  




If you encounter issues starting or stopping JIRA, please see the Troubleshooting guide at https://docs.atlassian.com/jira/jadm-docs-083/Troubleshooting+installation







Server startup logs are located in /opt/atlassian/jira/logs/catalina.out

Using CATALINA_BASE:   /opt/atlassian/jira

Using CATALINA_HOME:   /opt/atlassian/jira

Using CATALINA_TMPDIR: /opt/atlassian/jira/temp

Using JRE_HOME:        /opt/atlassian/jira/jre/

Using CLASSPATH:       /opt/atlassian/jira/bin/bootstrap.jar:/opt/atlassian/jira/bin/tomcat-juli.jar

Using CATALINA_PID:    /opt/atlassian/jira/work/catalina.pid

Existing PID file found during start.

Removing/clearing stale PID file.

Tomcat started  

But still it doesn't show any port running 8080 or 8443.

My server.xml file looks like:

<?xml version="1.0" encoding="utf-8"?>

<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>

<Service name="Catalina">
<!-- Relaxing chars because of JRASERVER-67974 -->
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxHttpHeaderSize="8192" SSLEnabled="true" scheme="https" secure="true" sslEnabledProtocols="TLSv1.2,TLSv1.3"
clientAuth="false" keyAlias="jira" keystoreFile="/usr/lib/jvm/java-11-openjdk-amd64/jre/jira.jks"
keystorePass="Nitish@03Sept" keystoreType="JKS" port="8080"
relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>

<Engine name="Catalina" defaultHost="localhost">
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">

<Context path="" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">
<Resource name="UserTransaction" auth="Container" type="javax.transaction.UserTransaction"
factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60"/>
<Manager pathname=""/>
<JarScanner scanManifest="false"/>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="120" />
</Context>

</Host>
<Valve className="org.apache.catalina.valves.AccessLogValve"
pattern="%a %{jira.request.id}r %{jira.request.username}r %t &quot;%m %U%q %H&quot; %s %b %D &quot;%{Referer}i&quot; &quot;%{User-Agent}i&quot; &quot;%{jira.request.assession.id}r&quot;"/>
</Engine>
</Service>
</Server>

Help me out with this. Thanks.

2 answers

1 accepted

0 votes
Answer accepted

@Nitish_Kumar 

 

Hi Nitish

 

did you have a look to the catalina.out file to check for any exceptions?

 

Cheers

Kurt

@Kurt Klinner Hi thanks for reply. I did check my catlina.out file, I am getting:

 

23-Aug-2019 15:10:42.814 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 38 column 62: Attribute "port" was already specified for element "Connector".

org.xml.sax.SAXParseException; systemId: file:/opt/atlassian/jira/conf/server.xml; lineNumber: 38; columnNumber: 62; Attribute "port" was already specified for element "Connector".

        at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(ErrorHandlerWrapper.java:203)

        at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(ErrorHandlerWrapper.java:177)

        at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:400)

        at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(XMLErrorReporter.java:327)

        at com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(XMLScanner.java:1472)

        at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanAttribute(XMLDocumentFragmentScannerImpl.java:1560)

        at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(XMLDocumentFragmentScannerImpl.java:1315)

        at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2784)

        at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:602)

        at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:505)

        at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:842)

        at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:771)

        at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:141)

        at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1213)

        at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:643)

        at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1518)

        at org.apache.catalina.startup.Catalina.load(Catalina.java:611)

        at org.apache.catalina.startup.Catalina.load(Catalina.java:662)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:309)

        at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:492)




23-Aug-2019 15:10:42.817 WARNING [main] org.apache.catalina.startup.Catalina.load Catalina.start using conf/server.xml: Attribute "port" was already specified for element "Connector".

23-Aug-2019 15:10:42.817 SEVERE [main] org.apache.catalina.startup.Catalina.start Cannot start server. Server instance is not configured.

"catalina.out" 29L, 2971C

I am new bee. I am unable to understand the logs. 

@Nitish_Kumar 

 

Hi Nitish

Attribute "port" was already specified for element "Connector"

is the part you should look at 

 

you dis specify port twice within

<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
maxHttpHeaderSize="8192" SSLEnabled="true" scheme="https" secure="true" sslEnabledProtocols="TLSv1.2,TLSv1.3"
clientAuth="false" keyAlias="jira" keystoreFile="/usr/lib/jvm/java-11-openjdk-amd64/jre/jira.jks"
keystorePass="Nitish@03Sept" keystoreType="JKS"
port="8080"

Cheers

 

Kurt

Hey, Thanks, I can see I've mentioned twice but different values 

protocol="HTTP/1.1" 

Do I need to remove this also?

@Nitish_Kumar 

 

Check https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html out it describes the needed config changes

Port=8443 is the one you should use in your case

 

A more common approach would be to terminate ssl on a webserver / loadbalancer in front of jira, see also https://confluence.atlassian.com/adminjiraserver073/integrating-jira-with-apache-using-ssl-861253896.html

 

Cheers

Kurt

This is not a very good practice. You would save lot of time and effort integrating with a load balancer like nginx. 

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Software

How to create Jira issus from Excel file?

When to use CSV importer When managing your processes in Jira, there are many occasions where you need to create a lot of tasks. Creating them one by one will cost you a lot of time and effort and i...

4,346 views 22 31
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you