Hi, i'm trying to configure my JIRA Core server for HTTS access using a wildcard certificate but i'm not able :(
Any Atlassian Tecnical support me?
BR
This is my /conf/server file
<?xml version="1.0" encoding="UTF-8"?>
<!--Licensed to the Apache Software Foundation (ASF) under one or morecontributor license agreements. See the NOTICE file distributed withthis work for additional information regarding copyright ownership.The ASF licenses this file to You under the Apache License, Version 2.0(the "License"); you may not use this file except in compliance withthe License. You may obtain a copy of the License athttp://www.apache.org/licenses/LICENSE-2.0Unless required by applicable law or agreed to in writing, softwaredistributed under the License is distributed on an "AS IS" BASIS,WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.See the License for the specific language governing permissions andlimitations under the License. -->
-<Server shutdown="SHUTDOWN" port="8005">
<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>
-<Service name="Catalina">
<!--==============================================================================================================DEFAULT - Direct connector with no proxy for unproxied access to Jira.If using a http/https proxy, comment out this connector.============================================================================================================== -->
<!-- Relaxing chars because of JRASERVER-67974 -->
<Connector port="80" bindOnInit="false" disableUploadTimeout="true" acceptCount="100" redirectPort="8443" useBodyEncodingForURI="true" protocol="HTTP/1.1" maxHttpHeaderSize="8192" enableLookups="false" connectionTimeout="20000" minSpareThreads="25" maxThreads="150" relaxedQueryChars="[]|{}^\`"<>" relaxedPathChars="[]|"/>
<!--==============================================================================================================HTTP - Proxying Jira via Apache or Nginx over HTTPIf you're proxying traffic to Jira over HTTP, uncomment the below connector and comment out the others.Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.See the following for more information:Apache - https://confluence.atlassian.com/x/4xQLMnginx - https://confluence.atlassian.com/x/DAFmGQ============================================================================================================== -->
<!--<Connector port="80" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"acceptCount="100" disableUploadTimeout="true" bindOnInit="false" scheme="http"proxyName="<subdomain>.<domain>.com" proxyPort="80"/> -->
<!--==============================================================================================================HTTPS - Proxying Jira via Apache or Nginx over HTTPSIf you're proxying traffic to Jira over HTTPS, uncomment the below connector and comment out the others.Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.See the following for more information:Apache - https://confluence.atlassian.com/x/PTT3MQnginx - https://confluence.atlassian.com/x/DAFmGQ============================================================================================================== -->
<!--<Connector port="80" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"proxyName="<subdomain>.<domain>.com" proxyPort="443"/> -->
<!--==============================================================================================================AJP - Proxying Jira via Apache over HTTP or HTTPSIf you're proxying traffic to Jira using the AJP protocol, uncomment the following connector lineSee the following for more information:Apache - https://confluence.atlassian.com/x/QiJ9MQ============================================================================================================== -->
<!--<Connector port="8009" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>"URIEncoding="UTF-8" enableLookups="false" protocol="AJP/1.3"/> -->
-<Engine name="Catalina" defaultHost="localhost">
-<Host name="localhost" autoDeploy="true" unpackWARs="true" appBase="webapps">
-<Context useHttpOnly="true" reloadable="false" docBase="${catalina.home}/atlassian-jira" path="">
<Resource name="UserTransaction" jotm.timeout="60" factory="org.objectweb.jotm.UserTransactionFactory" type="javax.transaction.UserTransaction" auth="Container"/>
<Manager pathname=""/>
<JarScanner scanManifest="false"/>
</Context>
</Host>
<Valve className="org.apache.catalina.valves.AccessLogValve" pattern="%a %{jira.request.id}r %{jira.request.username}r %t "%m %U%q %H" %s %b %D "%{Referer}i" "%{User-Agent}i" "%{jira.request.assession.id}r""/>
</Engine>
</Service>
</Server>
Hi,
did u imported certificate into the cacert' Are u using a reverse proxy?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
can you help me to import certificate?
we have a router/firewall behind JIRA server
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Stefano,
please read the following guide https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html
Let me know if you have problem with that.
Ciao,
Fabio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
did u try to import cert into jdk cacert? https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html
Please could you provide JIRA_INST/conf/server.xml configuration?
Ciao,
Fabio
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.