reach out to support for steps to implement SSL to an existing environment, and to lock the system so that users would have to be provisioned as opposed to it being wide open
You're already part way down the best path to configuring SSL. I always recommend you get Jira up and running (and briefly tested) over http before starting on SSL.
Once it's running ok, stop it and run through https://confluence.atlassian.com/adminjiraserver071/running-jira-applications-over-ssl-or-https-802593051.html
As for the provisioning, just make sure you put the system into "private" mode in the General Configuration - this stops people "signing up" - only admins can create users. Also consider external user directories, these can be configured read-only to force admin to create users.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.