in order to solve HTTPS behind reverse proxy causing Atlassian marketplace redirecting incapability issue,
our team leader decided to run Jira build-in tomcat web server directly.
here are the noting processes as a reminder,
first, Jira 7.6.1 provided a native configuration tool including CLI and GUI based on JAVA 8,
if you want to run it, alter the java version to 1.8 exactly, I tried JAVA 11, but not working.
and you need to set JAVA_HOME in your profile, before running the configuration tool.
then source your profile every time you run it.
profile settings under /etc/profile.d/java.sh
export JAVA_PATH=$JAVA_HOME
export PATH=$PATH:$JAVA_HOME/bin
second, prepare SSL certification files, including both p12 and jks
import them using keytool into java secure library
third, run configuration tool under CLI,
if you wishing to run under GUI, you'll have to allow SSH X11 forwarding,
I ended up setting X authority file utility
references:
https://www.cyberciti.biz/faq/how-to-fix-x11-forwarding-request-failed-on-channel-0/
https://www.wongwonggoods.com/linux/linux-x11-forward/
I set up X11UseLocalhost to no with xauth yum package.
but CLI is good enough
following this manual: https://confluence.atlassian.com/adminjiraserver073/running-jira-applications-over-ssl-or-https-861253906.html
then goes to your jira installation location, in my case, at /opt/atlassian/jir/
finds server.xml under the conf folder,
you'll need to modify a package name or the Jira won't be able to startup,
inside your server.xml about <Connector> settings,
fix this:
to this:
you're done on running jira with build-in tomcat web server.
next is to import ssl certification into jira java keystore
jks and p12 type of file are needed
if you do not have these two certificate files, do steps as following first,
openssl pkcs12 -export -chain -in server.cer -inkey privatekey.key -out jira2019.p12 -name jira2019 -CAfile all.crt
/opt/atlassian/jira/jre/bin/keytool -importkeystore -destkeystore /opt/atlassian/jira/jre/lib/security/jira2019.jks -srckeystore jira2019.p12 -alias jira2019
#keytool -importkeystore -destkeystore /path/to/jira.jks -srckeystore /path/to/jira.p12 -alias jira
but java will complain about type of key, you'll have to transfer jks as pkcs12
#keytool -importkeystore -srckeystore /path/to/jira.jks -destkeystore /path/to/jira.jks -deststoretype pkcs12
then restart jira, that's all.
