Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Where should I install the proxy server's certificate?

OK, so This issue arises from the website itself;
When I review custom dashboards, they now display with peculiar titles;

__MSG_gh.gadget.rapid.view.title__
__MSG_gadget.stats.title__
__MSG_gadget.filter.results.title__

 

I suspect this is related to inter-server communication, as the certificate for the server's proxy was never installed in the Jira server itself.

How can I resolve this issue?;

If there is a trust store that requires the proxy's certificate, where is it or how can I find it?
How can the certificate be installed in this location?
Are there any additional complexities with this process?

1 answer

0 votes
brbojorque Community Leader Dec 22, 2019

Hi @Kyle Manel ,

Add the public certificate into the truststore. 

Please see the solution here.

https://community.atlassian.com/t5/Jira-questions/How-to-add-CA-cert-to-Jira-s-trust-store/qaq-p/720158

Hi Bryan,

 

Thanks for your comment.

The suggestion you provide would install the cert into the cacerts file;

The cert I am installing is not for a certificate authority, but for a server.  There must be a subsidiary certificate store for this, yes?

brbojorque Community Leader Jan 02, 2020

Hi @Kyle Manel ,

You just need to install the Public certificate of your server in the cacerts file.

It does not matter if it is from an authority or not.

Functionally that is correct, but that is most certainly not best practices.

When I attempt installation of the certificate an error is thrown;
openssl s_client -connect jira.mydomain.com:443 -servername jira.mydomain.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/public.crt
140683954233792:error:0200206F:system library:connect:Connection refused:../crypto/bio/b_sock2.c:110:
140683954233792:error:2008A067:BIO routines:BIO_connect:connect error:../crypto/bio/b_sock2.c:111:
connect:errno=111

brbojorque Community Leader Jan 05, 2020

Hi @Kyle Manel ,

Download the certificate in your local machine and manually add it to your cacert in the server.

It is either you don't have sudoer permission or your server is not accessible to the internet.

Apologies, that is what I am trying to do;

s_client -connect "${SERVER_URL}":"${PORT}" | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/public.crt && cd /usr/lib/jvm/java-8-oracle/bin

The above command, when working as expected, pulls the certificate provided from "${SERVER}":"${PORT}" into /tmp/public.crt

Those steps are also quoted from the link you provided, and which I have used in the past.

I have managed to acquire the cert with other steps though, and I will be importing it tomorrow.  I'm guessing there may have been a firewall issue, which is blocking the cert from being pulled from the proxy, and I will be verifying that when time allows, once I have this issue resolved.

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Software

How to create Jira issus from Excel file?

When to use CSV importer When managing your processes in Jira, there are many occasions where you need to create a lot of tasks. Creating them one by one will cost you a lot of time and effort and i...

4,376 views 22 32
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you