I am having an issue with getting Jira to run over HTTPS. Every time I add a signed key store into the Jira configuration tool it is able to see the certificate and all of the information is right, but when I reboot the service it will never start, it just gives an error saying the service started and then stopped. If I turn it to just HTTP it works normally. The certificate I have was created with Portecle and signed by Let's Encrypt. This was working with 7.2, but after installing 7.5 this continues to happen. I have created a new virtual machine with a clean install of Windows and fully configured Jira, MySQL, and created the certificate by following the Atlassian documentation. I am not sure what else to do or why it isn't working with the certificate.
Well after going through the logs and doing some more research I figured out the issue!
I had the wrong connector in the server.xml file. Whenever I run the configuration tool for HTTPS it changes it back though, but at least I know how to fix it.
I will look into the reverse proxy as well, thanks!
Good to hear you found the solution. If you need any assistance with the reverse proxy, let me know.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Personally, I can recommend using a reverse proxy. The config is easier to setup and more stable with updating JIRA.
You can read the documentation for Integrating JIRA with Nginx if you need more information.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hello,
Please go over the following steps and let us know the output:
1) What is the installation directory for the JAVA VM running JIRA? You will need to locate the cacerts file.
2) Back up the original cacerts file
3) Generate the list of certificates in the cacerts file before applying any changes
keytool -list -keystore cacerts -v > cacerts_orig_cert_list.out
4) Import the public certificate into the cacerts file
keytool -import -alias your_domain_com -keystore /usr/java/latest/jre/lib/security/cacerts -file my.certificate.domain.com.crt
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I was able to import the keystore and it said it completed successfully, but the same issue is occurring. The service will start when set to HTTP only, but when HTTPS is selected it won't run.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
OK, let's take a look at the atlassian-jira.log in the jira home logs folder. There should be some error there related to the certificate. You should also try starting jira with the bin/start-jira.bat rather than the service as that may behave slightly differently due to how Windows service permissions work.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
 
 
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.