Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Jira, Bitbucket and Confluence on Nginx https application link

mmarcolini
mmarcolini September 12, 2017

Hi, I recently installed Jira, Bitbucket and Confluence all on the same server. All fine so far; all the application can link with one other. I then configured Nginx ( on a separate server ) and proxy the applications with a subdomain ( like jira.mydomain.com , bit.mydomain.com and confluence.mydomain.com ).

All fine and all the application links were working ok.

I then implemented https with a CA certificate, modified nginx accordingly and altered the server.xml files accordingly.

Now I can reach each application via https but the application links are broken ( I get an eeror message saying "The remote certificate can't be trusted".

Any suggestion ? 

Answer
Watch
Like Be the first to like this
574 views

1 answer

1 accepted

0 votes
Answer accepted
Daniel Eads _unmonitored account_
Daniel Eads _unmonitored account_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 12, 2017

Hi Matteo,

Do you know what JVM version your applications are running under (6, 7, 8) and what CA your certificates are signed with?

The Java trust store doesn't contain root certificates for some CAs until Java 8 (GoDaddy for instance). This could be what's causing your issue! I couldn't find a comprehensive list of untrusted CAs, but it may involve adding an intermediary to root certificate to your chain in nginx. If you know your CA, I can probably help you through adding an intermediary if this is the problem and you'd like some assistance.

View More Comments
mmarcolini
mmarcolini September 13, 2017

Hi Daniel,

I actually got the godaddy bundled certificate appended to the main crt provided and now all three are talking to each other. 

Thanks for the support.

Matteo

Like
Daniel Eads _unmonitored account_
Daniel Eads _unmonitored account_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 13, 2017

Cool - glad that worked for you! Would you be able to hit that small grey check mark to the left of the answer (marks the answer as accepted)? This helps us organize the content on Community and other users looking for an answer.
And for anybody else coming in off Google, here's what to do:

  1. Head over to GoDaddy's certificate store at https://certs.godaddy.com/repository
  2. Open/download the G2 with cross to G1 (including the root) - search the page for gd_bundle-g2-g1.crt to get the right file
  3. Append the text of the GoDaddy cert from step 2 into the .crt or .pem file (the public key) you've got configured in nginx. You can just paste the text from the cert below the existing text on a new line at the bottom of the file.
  4. Reload nginx
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events