Wild Card SSL deployment on Atlassian Jira with HTTPS redirect

Wildcard SSL deployment on Atlassian Jira Software

When we install the Jira Software successfully on our server. Below are the steps to deploy the wildcard SSL.
  • I purchased the wildcard SSL from Comodo  and I have the bundle files for certificate
  • In tomcat the .pfx (PKCS#12) extension of certificate works instead of .crt so we have to convert our certificate to .pfx
  • We can use the below URL to convert the certificate. For that we need .crt file, private key and the password
  • After the conversion we have the certificate file in .pfx format

  • Open the Atlassian Jira configuration ( C:\Program Files\Atlassian\JIRA\conf\server.xml) file and paste the below setting 
NOTE: Comment the existing setting of connector 

<Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol" 
 relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
maxHttpHeaderSize="8192" SSLEnabled="true"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true" 
acceptCount="100" scheme="https" secure="true" sslProtocol="TLS" 
keystoreFile="C:\certificate\STAR_Cert.pfx" keystorePass="Your_Password" keyAlias="1" keystoreType="PKCS12" clientAuth="false" connectionTimeout="20000" />
Redirect the HTTP to HTTPS in Atlassian Jira
  • Open the webapp ( C:\Program Files\Atlassian\JIRA\conf\web.xml) file and paste the below text before the </web-app> tag
 <web-resource-name>Protected Context</web-resource-name>
 <!-- auth-constraint goes here if you requre authentication -->
  • Add the connector of port 80 and 443 as well in server.xml- Redirect the port 80 to 443 
 <Connector port="80" relaxedPathChars="[]|" 
maxThreads="150" minSpareThreads="25"
connectionTimeout="20000"   enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="443" acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/> 

  • Now Jira SSL is enabled and working on HTTPS