Skip to main content

Setup SSL for Jira

How to do it...

Perform the following steps to import an SSL certificate:

1. Open up a command window and go to the directory where the certificate file

2. Generate a Java KeyStore (JKS) for JIRA by running the

keytool -genkey -alias jira -keyalg RSA -keystore /opt/jks/jira.jks

3. Import the certificate into KeyStore repository
keytool -import -alias jira -keystore JIRA_INSTALL/jira.jks -file file.crt

where file.crt is the certificate file.

4. Open the server.xml file located in the /opt/atlassian/jira/conf directory in a text editor.

5. Locate and uncomment the following XML configuration snippet:

minSpareThreads="25" maxSpareThreads="75"
acceptCount="100" scheme="https" secure="true"
sslProtocol="TLS" useBodyEncodingForURI="true"



Install certbot ppa:

sudo add-apt-repository ppa:certbot/certbot

then install certbot:
sudo apt install certbot

 run certbot for manual installation of letsencrypt using challenge via DNS:

sudo certbot certonly --manual --preferred-challenges dns

openssl pkcs12 -export -in fullchain1.pem -inkey privkey1.pem -out cert_and_key.p12 -name tomcat -CAfile chain1.pem -caname root

keytool -importkeystore -srcstorepass ppz2017 -deststorepass ppz2017 
-destkeypass ppz2017 -srckeystore 
-srcstoretype PKCS12 -alias tomcat 
-keystore jira.jks

TO see what contains in the keystore:
keytool -list -keystore /opt/jks/jira.jks

6. Restart JIRA to apply the changes.
sudo systemctl stop jira
sudo systemctl start jira


Popular posts from this blog

mplayer-gui error : Error in skin config file

After installing mplayer-gui package, I can't start it.

$ gmplayer MPlayer 1.1-4.8 (C) 2000-2012 MPlayer Team mplayer: could not connect to socket mplayer: No such file or directory Failed to open LIRC support. You will not be able to use your remote control. Error in skin config file on line 6: PNG read error in /usr/share/mplayer/skins/default/main Config file processing error with skin 'default'
After googling a bit, I found out that it was due to the png files in dir /usr/share/mplayer/skins/default. This is the default skin directory. To fix this error, I have to install ImageMagick package because I want to use the convert program to convert all of the png files to format png24. Thus, cd /usr/share/mplayer/skins/default; for FILE in *.png ; do sudo convert $FILE -define png:format=png24 $FILE ; done
Rerun gmplayer and all should be fine.
Have fun!
UPDATE (02-10-2017)

It doesn't work on Ubuntu 16.04 (xenial) but there's a workaround here.

You can update your syst…

Moving your mysql database to another hard disk

Recently, my server's only hard disk was almost full. I bought a new hard disk with bigger size and I decided to just add it as a second hard disk. Since I need to move it to the 2nd hard disk, I need to find a proper way to move the db with minimum downtime. So I googled around and found a solution.
First, I needed to format the 2nd hard disk and I chose xfs as the filesystem. I created 2 partitions using Linux's fdisk for this task. First partition is 10 GB and 2nd one is around 900 GB. That's approximately added up to 1 TB. Then I mounted the 2nd partition in current partition eg /media/hd2 as follows:
mount -t xfs /dev/sdb5 /media/hd2
where /dev/sdb5 is the partition and /media/hd2 is the mounting dir.
Stop mysql db before doing anything:
service mysql stop
Afterthat, I copied the entire db to newly mounted hard disk:
cp -rv /var/lib/mysql /media/hd2
It will take a while if you have huge databases.
Then, change the ownership of the dir to user and group of mysql:
chown -R mysql:…

postfix - mailbox size limit and message size limit

postfix is my MTA of choice. I use it for my mailserver because its simplicity , security and sendmail-compatible (the widely used smtp in the world but not as secure). It is also extensible by plugging other servers for various purposes (antispam, antivirus,database etc).

I had one problem with file attachment larger than 10MB. Users couldn't send it although I have setup squirrelmail (SM) to be able to attach files summed up more than 20MB and I had modified php settings as per here. The problem was not in SM setting. It was postfix. By default, attachment size that can be sent by postfix is 10MB ~ 10240000 byte. How did I know it? I looked in log file (for my system it is in /var/log/mail/errors. For other system, the file to look is /var/log/maillog). The line looked like this:

Feb 26 16:30:53 webmail postfix/sendmail[30775]: fatal: Message file too big

Open /etc/postfix/ with a text editor of choice and find message_size_limit directive an…