Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Configuring SSL for FishEye with a keystore having multiple certificates

Dave Hergert
Dave Hergert October 25, 2011

In the FishEye SSL configuration page, it explains how to configure FishEye for SSL. It suggests creating a certificate and adding it to a Java Keystore and pointing FishEye at it. But what if your Java keystore has multiple certificates stored within it? Does FishEye choose the first one? If all your certificates have aliases, can you tell FishEye which one to use (like Tomcat)?

Answer
Watch
Like Chii likes this
1648 views

2 answers

1 accepted

1 vote
Answer accepted
PauloP
PauloP
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
August 29, 2012

Hi

1. The system (Fisheye) will try to find a certificate which the related private key is present. So Fisheye will be able to bind the TCP port and wait for SSL requests.

2. If the related keystore has multiple certificate with valid private keys (for each one), it will try to use the certificate which has the CN value equal to the hostname

In Tomcat, you can add the tag keyAlias (case sensitive) on trying to specify the alias that the app. server should use. However, since Fisheye use Jetty, I don't believe that it could works.

However, if would like to try, open config.xml for editing and add the tag keyalias (not sensitive) with the other ones. For further details, please review the following link:

https://confluence.atlassian.com/display/FISHEYE/FishEye+SSL+configuration#FishEyeSSLconfiguration-configuringssl

Cheers

Paulo Renato

Reply
0 votes
David Levy
David Levy May 26, 2014

Got SSL working on Nexus which also uses Jetty...seems Jetty will default to an alias called... "jetty". Quite obvious when you know the answer... but so frustrating beforehand.

Reply

Suggest an answer

Log in or Sign up to answer
Fisheye
Fisheye/Crucible
TAGS
AUG Leaders

Atlassian Community Events

    See all events