Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

SSL confiuration with JIRA

sujata Birajdar
sujata Birajdar January 12, 2021

HI Team,

we are planning to upgrade our JIRA instance which is on 7.13 to version 8.13.2 and post the upgrade , we are planning to configre ssl with JIRA.

The atlassian document that i referred looks little confusing .Could you please let us know the steps of  self signed ssl configuration  with JIRA.

It would be really helpful.

 

Answer
Watch
Like Be the first to like this
502 views

3 answers

0 votes
Daniel Ebers
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 13, 2021

Hi @sujata Birajdar

there are, indeed, several options. Based on experience the approach with a separate >Reverse Proxy< (for example, using Apache) works best:
https://confluence.atlassian.com/kb/securing-your-atlassian-applications-with-apache-using-ssl-838284349.html

The reverse proxy will be responsible for terminating the SSL connections.
There is also the option to do it in JVM directly - but from what I found during the years, this is a pain to configure.

Yes, even setting up a reverse proxy is not easy as typing one command in and everything would be running - but with some effort and some time considering how the configuration is meant to be, it is doable.

Which part of documentation do you especially find confusing?

Cheers,
Daniel

View More Comments
sujata Birajdar
sujata Birajdar January 13, 2021

Hi Daniel ,

My JIRA is configured with IIS as proxy and apache/tomcat is the application container . The self signed certificate will be provided to us by the server team. My query is how i can change http to https i.e. configure SSL on JIRA with this setup using the self signed certificate. I have referred Running JIRA applications over SSL or HTTPS | Administering Jira applications Data Center and Server 7.3 | Atlassian Documentation this document.

Could you please let me know if any changes needs to be done in server.xml file as the JIRA is standalone setup and i being the newbie in this configuration am totally unaware of the steps.

Like
Daniel Ebers
Daniel Ebers
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 13, 2021

There is an anwer from Nic above - kindly refer to this one, where you will find all needed info.

Like
Reply
0 votes
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 12, 2021

You have not told us how you are trying to do SSL with the service, or what documentation you have tried to use and where you have got stuck with it.

Could you describe what you're doing and where you got stuck with the doc?

View More Comments
sujata Birajdar
sujata Birajdar January 12, 2021

Hi Nic,

 

We will be implementing SSL on the coming weekend. Our JIRA instance is a standalone JIRA installed on windows as JIRA service with IIS used as proxy . the certificates we will be getting are self signed certificate , 

i referred the URL Running JIRA applications over SSL or HTTPS | Administering Jira applications Data Center and Server 7.3 | Atlassian Documentation

 

Could you please let me know what all config changes we needt to do considering the server.xml or other fies , because this document looks little complicated .

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 13, 2021

The config changes you need to do for SSL on the Tomcat side are in that doc.

But you say you want to use IIS as a proxy, which is often done so you don't have to do SSL on the Tomcat.  IIS does all the SSL work and then talks to Jira (with no-one else allowed to talk directly to Jira)

For the IIS SSL, start at https://confluence.atlassian.com/kb/proxying-atlassian-server-applications-with-microsoft-internet-information-services-iis-833931378.html

Like
Reply
0 votes
Prince Nyeche
Prince Nyeche
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
January 12, 2021

Hi @sujata Birajdar 

when I did mine, I used let's encrypt SSL following these steps on ubuntu server and entering the details (i.e. my email address) on the prompts. I had apache httpd running and configured it via a proxy.

add-apt-repository ppa:certbot/certbot

apt-get update

apt-get install python-certbot-apache

certbot --apache -d jira.example.com
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
DEPLOYMENT TYPE
SERVER
VERSION
7.13.0
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Terms Security
    Welcome illustration

    Welcome to the new Atlassian Community

    Online forums and learning are now in one easy-to-use experience.

    By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.