We are hosting our own Jira Server and will make it public; my users will be connecting via SSL. My question is if I need to worry about making sure Jira and Confluence are using an SSL connection to mysql? Jira, Confluence, and mysql are all on the same server.
I would configure MySQL to bind to 127.0.0.1 only. Then point each application to 127.0.0.1 to connect to the DB.
In order for someone to intercept the DB traffic this way, they would need to be logged in to the server. If an attacker has gotten that far, you probably have bigger problems to worry about, so I wouldn't bother encrypting that DB traffic. :)
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot