How Do I Use an SSL Certificate Generated Using openssl?

Usage FAQ

On this page

Still need help?

The Atlassian Community is here for you.

Ask the community

You have an SSL Certificate that was generated using openssl, and you would like to use it with JIRA.

You need to have both the signed ssl certificate and the private key that was generated using openssl. Then you convert the certificate + key pair to pkcs12 format using openssl:

[amyers@erdinger:ssl]$ openssl pkcs12 -export -in server.cert  -inkey server.key -out server.p12

When doing this, openssl should ask for a password, so remember whatever you enter here. This will convert the certificate (server.cert) and the private key (server.key) into a pkcs12 file (server.p12).

Next you simply need to configure tomcat to use the pkcs12 (.p12) file as its keystore by editing $JIRA_HOME/conf/server.xml:

<Connector port="8443" maxHttpHeaderSize="8192"
                   maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
                   enableLookups="false" disableUploadTimeout="true"
                   acceptCount="100" scheme="https" secure="true"
                   clientAuth="false" sslProtocol="TLS" SSLEnabled="true"
                   URIEncoding="UTF-8" keystorePass="changeit" 
                   keystoreType="pkcs12" keystoreFile="/path/to/server.p12" />

The important thing to specify is that keystoreType="pkcs12". The keystorePass is whatever password you gave when generating pkcs12 file, and the keystoreFile is the path to the file.

The process should be the same for Confluence (or indeed any other application running on Tomcat).

Last modified on Dec 11, 2013

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.