Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Configuring JIRA server over HTTPS with wildcard certificate

Stefano Sbalchiero
Stefano Sbalchiero February 11, 2019

Hi, i'm trying to configure my JIRA Core server for HTTS access using a wildcard certificate but i'm not able :( 

Any Atlassian Tecnical support me?

 

BR 

Answer
Watch
Like Be the first to like this
1691 views

2 answers

0 votes
Stefano Sbalchiero
Stefano Sbalchiero February 11, 2019

This is my /conf/server file

 

<?xml version="1.0" encoding="UTF-8"?>

<!--Licensed to the Apache Software Foundation (ASF) under one or morecontributor license agreements. See the NOTICE file distributed withthis work for additional information regarding copyright ownership.The ASF licenses this file to You under the Apache License, Version 2.0(the "License"); you may not use this file except in compliance withthe License. You may obtain a copy of the License athttp://www.apache.org/licenses/LICENSE-2.0Unless required by applicable law or agreed to in writing, softwaredistributed under the License is distributed on an "AS IS" BASIS,WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.See the License for the specific language governing permissions andlimitations under the License. -->

-<Server shutdown="SHUTDOWN" port="8005">

<Listener className="org.apache.catalina.startup.VersionLoggerListener"/>

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on"/>

<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"/>

<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>

<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener"/>


-<Service name="Catalina">

<!--==============================================================================================================DEFAULT - Direct connector with no proxy for unproxied access to Jira.If using a http/https proxy, comment out this connector.============================================================================================================== -->


<!-- Relaxing chars because of JRASERVER-67974 -->


<Connector port="80" bindOnInit="false" disableUploadTimeout="true" acceptCount="100" redirectPort="8443" useBodyEncodingForURI="true" protocol="HTTP/1.1" maxHttpHeaderSize="8192" enableLookups="false" connectionTimeout="20000" minSpareThreads="25" maxThreads="150" relaxedQueryChars="[]|{}^\`"<>" relaxedPathChars="[]|"/>

<!--==============================================================================================================HTTP - Proxying Jira via Apache or Nginx over HTTPIf you're proxying traffic to Jira over HTTP, uncomment the below connector and comment out the others.Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.See the following for more information:Apache - https://confluence.atlassian.com/x/4xQLMnginx - https://confluence.atlassian.com/x/DAFmGQ============================================================================================================== -->


<!--<Connector port="80" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"acceptCount="100" disableUploadTimeout="true" bindOnInit="false" scheme="http"proxyName="<subdomain>.<domain>.com" proxyPort="80"/> -->


<!--==============================================================================================================HTTPS - Proxying Jira via Apache or Nginx over HTTPSIf you're proxying traffic to Jira over HTTPS, uncomment the below connector and comment out the others.Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.See the following for more information:Apache - https://confluence.atlassian.com/x/PTT3MQnginx - https://confluence.atlassian.com/x/DAFmGQ============================================================================================================== -->


<!--<Connector port="80" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"proxyName="<subdomain>.<domain>.com" proxyPort="443"/> -->


<!--==============================================================================================================AJP - Proxying Jira via Apache over HTTP or HTTPSIf you're proxying traffic to Jira using the AJP protocol, uncomment the following connector lineSee the following for more information:Apache - https://confluence.atlassian.com/x/QiJ9MQ============================================================================================================== -->


<!--<Connector port="8009" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"URIEncoding="UTF-8" enableLookups="false" protocol="AJP/1.3"/> -->



-<Engine name="Catalina" defaultHost="localhost">


-<Host name="localhost" autoDeploy="true" unpackWARs="true" appBase="webapps">


-<Context useHttpOnly="true" reloadable="false" docBase="${catalina.home}/atlassian-jira" path="">

<Resource name="UserTransaction" jotm.timeout="60" factory="org.objectweb.jotm.UserTransactionFactory" type="javax.transaction.UserTransaction" auth="Container"/>

<Manager pathname=""/>

<JarScanner scanManifest="false"/>

</Context>

</Host>

<Valve className="org.apache.catalina.valves.AccessLogValve" pattern="%a %{jira.request.id}r %{jira.request.username}r %t "%m %U%q %H" %s %b %D "%{Referer}i" "%{User-Agent}i" "%{jira.request.assession.id}r""/>

</Engine>

</Service>

</Server>
View More Comments
Fabio Racobaldo _Herzum_
Fabio Racobaldo _Herzum_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 11, 2019

Hi,

did u imported certificate into the cacert' Are u using a reverse proxy?

Like
Stefano Sbalchiero
Stefano Sbalchiero February 12, 2019

can you help me to import certificate?

we have a router/firewall  behind JIRA server

Like
Fabio Racobaldo _Herzum_
Fabio Racobaldo _Herzum_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 12, 2019

Hi Stefano,

please read the following guide  https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html 

Let me know if you have problem with that.

Ciao,

Fabio

Like
Reply
0 votes
Fabio Racobaldo _Herzum_
Fabio Racobaldo _Herzum_
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
February 11, 2019

Hi @Stefano Sbalchiero,

did u try to import cert into jdk cacert? https://confluence.atlassian.com/kb/how-to-import-a-public-ssl-certificate-into-a-jvm-867025849.html

Please could you provide JIRA_INST/conf/server.xml configuration?

Ciao,

Fabio

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events