Hi - hoping someone can help on this.
We're looking to deploy Jira Software DC in Azure (no azure template as we've an already established deployment pattern etc.). The basic installation in VM is fine, I can log in, browse, access whatever I need.. However when enabling SSL (so we can integrate SSO) I want to use the cryptography store in windows & "Windows-MY" as a keystore for the service account.
So:
- Windows server 2016 setup, Azure SQL back-end, runs fine, can log in, no major issues .. (few minor ones like gadget feed URL takes a while to warm up)
- Importing the certificate using keytool works fine (signed cert works fine in other applications including .net and another jira installation). I can see the cert using keytool, and certmgr for the user (which is running the Tomcat process)
- key alias is being picked up (tried with incorrect & correct key alias, we get the "no_alias" error when an invalid keyAlias is specified)
- Looks like it's reading the keystore & validating itself.
- We however get an error on startup:
WARNING [main] org.apache.tomcat.util.net.openssl.OpenSSLContext.init Error initializing SSL context
java.lang.NullPointerException
at org.apache.tomcat.util.net.openssl.OpenSSLContext.addCertificate(OpenSSLContext.java:411)
The really annoying part? We have this working correctly in Jira Service Desk using Windows-MY certificates on Server 2019 ! - Same PFX file.. Same import procedure.. JSD vs JSW.. Different results!
Any thoughts would be HUGELY appreciated!?
A
-
