Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Where to configure the TLS certificates to have communication between JSM Pod and ingress via HTTPS

Ankit Masaram
Ankit Masaram December 3, 2024

Our goal is to configure the SSL/TLS certificates for JSM Data centre version to have secure communication between JSM Kubernetes pod and Ingress via HTTPS. There we are refering to below links.

1. Running Jira applications over SSL or HTTPS

2. Customizing Jira Data Center configuration files within a kubernetes environment via values.yaml file.

3. Atlassian DC Helm Charts Advanced Configuration.

These links are not that useful which are provided by the JSM team in the support ticket raised by us according to our requirement, does anyone already implemented this scope for the JSM Data Center Version in Kubernetes cluster ? If yes then please share the steps to be performed.

Thanks ! 

Answer
Watch
Like Be the first to like this
244 views

1 answer

0 votes
Yevhen
Yevhen
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 3, 2024

@Ankit Masaram it depends on what ingress controller you use. Without ingress controller details I am afraid nobody can help you. 

1. Were you able to run Jira on a secure port?

2. What is your ingress controller?

View More Comments
Ankit Masaram
Ankit Masaram December 3, 2024

No the Jira is currently working on the 80 port.

We are using Azure Application Gateway Ingress Controller.

Like
Yevhen
Yevhen
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 3, 2024

There's no documentation but what you can do is:

* copy existing server.xml from the pod

* generate keystore and create a secret in jira namespace

* use additionalFiles feature to mount the secret

* use addtionalConfigMaps to mount your custom server.xml

* change service and container ports to 8443

* in your ingress use annotations to let the controller know that the backend service is https (appgw.ingress.kubernetes.io/backend-protocol maybe?)

 

This is a rough plan, but the Helm chart has all the required flexibility to mount keystores, override configuration files, change ports etc.

Like
Ankit Masaram
Ankit Masaram December 3, 2024

Here the server.xml file will get overwritten as the JSM pod get restarted. How to preserve that ? If you are asking to do it with additionalConfigMaps field in values.yml (Helm Chart) file then there is no config map related to the server.xml file in the JSM pod.

Like
Yevhen
Yevhen
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
December 3, 2024

additionalConfigMaps will create a ConfigMap for you. You just need to define server.xml content that you want.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
DEPLOYMENT TYPE
SERVER
PRODUCT PLAN
STANDARD
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.