We have an on-premise installation of various Atlassian products (JIRA, Confluence, Bamboo, Fisheye, Crucible, and Stash) all running behind a corporate firewall. We have enabled HTTPS access for each of these applications by utilizing our F5 load balancer to act as a proxy (which terminates the SSL and handles all certificates).
However, in order to get certain things working correctly (namely, Application Links), I have to import the SSL certificates from each of the applications into the Java keystore files on each server. This can be kind of a pain to maintain... any time a single certificate gets updated, I have several places to go to for importing the new certificate (all of which requires a restart of each application). Also, any time I upgrade Java (or upgrade an application that is using its own internal Java), then I have to re-import each of those certificates.
Is there any way to make this easier? I was hoping that I could just import the Root CA certificate for our corporate network and have that handle all downstream certificates, but that doesn't seem to work.... Does anybody out there have better ideas? How are you handling this in your organizations?
Yep this is a pain! Try the following:
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
Hi Atlassian Community! My name is Shana, and I’m on the Jira Software team. One of the many reasons this Community exists is to connect you to others on similar product journeys or with comparabl...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs