Enable https in Atlassian

To enable HTTPS in JIRA, add the following Connector element to server.xml. Replace <jks password> with the password of the keystore referenced by keystoreFile, and keep the XML entities in relaxedQueryChars: if the backslash, backtick, quote and angle-bracket characters are pasted literally, the file is no longer well-formed XML and Tomcat will refuse to start.

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000"
    disableUploadTimeout="true" enableLookups="false" keyAlias="jira-domain-com"
    keystoreFile="C:\Program Files\Atlassian\JIRA\jre\lib\security\cacerts"
    keystorePass="<jks password>" keystoreType="JKS" maxHttpHeaderSize="8192"
    maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8443"
    protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true"
    sslProtocol="TLS" relaxedPathChars="[]|"
    relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" useBodyEncodingForURI="true"/>

In Windows the file’s path is typically:

C:\Program Files\Atlassian\JIRA\conf\server.xml
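Before restarting JIRA it is worth checking the Connector with a script rather than by eye, because a single unescaped character in relaxedQueryChars makes the whole server.xml unparseable and a forgotten keystorePass leaves the key under the JDK default. The following checker is an added example, not part of the original post or of Atlassian's tooling; it uses only the Python standard library, and the two Connector strings in it are constructed from the line above (a raw, mis-pasted variant and the correctly escaped one). The keystore password and hostname in them are sample values.

```python
"""Sanity-check the HTTPS <Connector> of a Tomcat/JIRA server.xml.

Added example (standard library only). Run as:  python check_connector.py server.xml
"""
import sys
import xml.etree.ElementTree as ET

# Constructed sample 1: the Connector as it is often pasted, with a literal
# backtick, quote and angle brackets inside relaxedQueryChars. Not well-formed XML.
RAW_CONNECTOR = r'''<Connector SSLEnabled="true" port="8443" scheme="https" secure="true"
    keyAlias="jira-domain-com" keystoreFile="C:\Program Files\Atlassian\JIRA\jre\lib\security\cacerts"
    keystorePass="changeit" keystoreType="JKS" sslProtocol="TLS"
    relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>" useBodyEncodingForURI="true"/>'''

# Constructed sample 2: the same Connector with the special characters escaped
# as XML character references, which is what Tomcat actually needs.
FIXED_CONNECTOR = r'''<Connector SSLEnabled="true" port="8443" scheme="https" secure="true"
    keyAlias="jira-domain-com" keystoreFile="C:\Program Files\Atlassian\JIRA\jre\lib\security\cacerts"
    keystorePass="changeit" keystoreType="JKS" sslProtocol="TLS"
    relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
    useBodyEncodingForURI="true"/>'''

DEFAULT_JKS_PASSWORD = "changeit"          # JDK default for cacerts
REQUIRED = {"SSLEnabled": "true", "scheme": "https", "secure": "true"}
# Characters JIRA expects to be allowed in query strings, after XML decoding.
RELAXED_QUERY_CHARS = set('[]|{}^\\`"<>')
ESCAPE_HINT = ('escape \\ ` " < > inside attribute values as '
               '&#x5c; &#x60; &quot; &lt; &gt;')


def check_connector(xml_text):
    """Return a list of findings for the SSL connector(s); [] means it looks right."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as err:
        # Tomcat would fail here too: the whole server.xml is rejected.
        return ["not well-formed XML (%s); %s" % (err, ESCAPE_HINT)]

    # Works both for a bare <Connector> and for a full <Server> document.
    connectors = [c for c in root.iter("Connector")
                  if c.get("SSLEnabled", "").lower() == "true"]
    if not connectors:
        return ['no Connector with SSLEnabled="true" found']

    findings = []
    for c in connectors:
        for attr, want in REQUIRED.items():
            if c.get(attr, "").lower() != want:
                findings.append('%s should be "%s", got %r' % (attr, want, c.get(attr)))
        for attr in ("keyAlias", "keystoreFile", "keystorePass"):
            if not c.get(attr):
                findings.append("%s is missing or empty" % attr)
        if c.get("keystorePass") == DEFAULT_JKS_PASSWORD:
            findings.append("keystorePass is the JDK default 'changeit'; "
                            "the server's private key is protected only by this value")
        # Verify that the character references decoded to the characters JIRA needs.
        missing = RELAXED_QUERY_CHARS - set(c.get("relaxedQueryChars", ""))
        if missing:
            findings.append("relaxedQueryChars lacks " + "".join(sorted(missing)))
    return findings


if __name__ == "__main__":
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else RAW_CONNECTOR
    for line in check_connector(text) or ["connector OK"]:
        print(line)
```

Run it against the real server.xml after editing; the raw sample in the block is rejected as malformed, while the escaped sample passes apart from the warning that the keystore still uses the default password.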

Import Let’s Encrypt to JKS

You can perform the domain validation manually with certbot's manual plugin, using a DNS challenge:

certbot -d jira.domain.com --manual --preferred-challenges dns certonly

Certbot then prints instructions for creating a TXT record on the domain so that the validation can proceed:

Please deploy a DNS TXT record under the name
_acme-challenge.jira.domain.com with the following value:

667drNmQL3vX6bu8YZlgy0wKNBlCny8yrjF1lSaUndc

Once this is deployed,
Press ENTER to continue

Once the DNS record is in place, press Enter. Certbot continues, and if the Let's Encrypt CA verifies the challenge the certificate is issued as usual.

On Linux the certificate files are placed in

/etc/letsencrypt/live/jira.domain.com

cd into that directory and run the following (the value given to -name becomes the key alias when the PKCS12 file is imported, so it must match keyAlias in server.xml):

openssl pkcs12 -export -in cert.pem -inkey privkey.pem -name jira-domain-com -out jira.p12

When prompted, set the export password to the same value as the JKS keystore password. The default password of cacerts is:

changeit

Copy jira.p12 to the folder that contains the default keystore, cacerts. On Windows it is usually:

C:\Program Files\Atlassian\JIRA\jre\lib\security

Relative to that cacerts directory, the keytool command is normally found at:

..\..\bin\keytool.exe

The import command, run from the cacerts directory, is (keytool prompts for the source keystore password, which is the one you gave to openssl):

..\..\bin\keytool -importkeystore -deststorepass [password] -destkeystore cacerts -srckeystore jira.p12 -srcstoretype PKCS12

If the Let's Encrypt intermediate chain (chain.pem) also needs to be in the keystore, the command is:

..\..\bin\keytool -import -alias letsencrypt -trustcacerts -file chain.pem -keystore cacerts

Finally, add the Connector element shown at the top of this post to server.xml, using the same keyAlias (jira-domain-com) and the same keystore password as above.

Atlassian Introduction

Identity management for Atlassian software is a science in itself. There are two different approaches, one for Atlassian Cloud and one for Atlassian Server. Atlassian Cloud is managed through a global directory shared among the cloud services. This identity is often referred to as the Atlassian ID. To ensure that the identity is unique, the user's email address is used as the ID. Read More on Atlassian ID…

In Atlassian Server, the identity is usually a combination of an in-application directory and back-end directories. Identities can be managed through the API, but more commonly LDAP directories are integrated as a back end. Read More on Atlassian Server Directories…

Okta can integrate with both Atlassian Cloud and Atlassian Server, for Access Control (AC, i.e. SSO) as well as Identity Management (IdM). The integration with Atlassian Cloud has to go through Atlassian ID and requires an additional license, Atlassian Access. The integration with Atlassian Server supports both AC and IdM without additional licensing. IdM is easiest to manage through Okta's LDAP-as-a-service feature in the cloud. For SSO, Okta offers a jar file and configuration examples for the basic SAML use case, covering both IdP-initiated and SP-initiated flows.