Configure https for JIRA

2015-07-14 10_45_10-System Dashboard - Machine JIRA

I installed JIRA on my Ubuntu 14.04 machine according to
http://engineerbabu.com/2014/10/14/install-jira-ubuntu-14-04-lts/

What was missing was the https support, i.e. the support for secure data transfers.
Here, I followed
https://confluence.atlassian.com/display/JIRA/Running+JIRA+over+SSL+or+HTTPS
and
http://tomcat.apache.org/tomcat-6.0-doc/ssl-howto.html

Install https support as follows on the command line:

JAVA_HOME=/opt/atlassian/jira/jre
JIRA_HOME=/opt/atlassian/jira/atlassian-jira
sudo $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore $JIRA_HOME/jira.jks
Enter keystore password: *****
What is your first and last name? : machine return a few times ... yes ... return
$JAVA_HOME/bin/keytool -certreq -keyalg RSA -alias tomcat -keystore $JIRA_HOME/jira.jks -file $HOME/jira.csr
$JAVA_HOME/bin/keytool -list -alias tomcat -keystore $JIRA_HOME/jira.jks
sudo cp /opt/atlassian/jira/conf/server.xml /opt/atlassian/jira/conf/server.xml.bak
sudo vi /opt/atlassian/jira/conf/server.xml

Contrary to Atlassian's documentation, you have to specify attributes keystoreFile and keystorePass in the Connector element in the server.xml file, e.g.:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol" maxHttpHeaderSize="8192" SSLEnabled="true" maxThreads="150" minSpareThreads="25" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" useBodyEncodingForURI="true" keystoreFile="/opt/atlassian/jira/jira.jks" keystorePass="******"/>

Then stop'n'start JIRA:

sudo service jira stop
sudo service jira start

Now try to open following URL in your browser (replace 'machine' by your host name):
https://machine:8443/

Leave a Reply

Your email address will not be published. Required fields are marked *