

This is done because your Certificate will be signed by a Certificate Authority who says they have confirmed you are who you say you are. Their solution: Have someone you trust to vouch for them. How does your Browser know the Certificate a site is using is who they claim to be? This question was the principal problem they were trying to solve when Netscape first dreamed up HTTPS.

This Certificate is usually a single file onto itself and will be called out specifically in your configuration. The Certificate is the public key in your key pair – and is what browsers will use to encrypt and decrypt data coming from your system. After you generate your request, you won’t need it again, but it is a critical part of the process. This file is generated simultaneously as your key and will be what you use to communicate the details of your certificate request to the certificate authority. It is the only file that can decrypt requests sent to your server, and if hackers get it, they can pretend to be you. This key is the file you need to keep secure to maintain security. Most certificate authorities will have guides to generate these different files (and if they don’t, I won’t give them my money), so I won’t go into detail about getting them. Different files associated with the Certificateīefore we get too far down the rabbit hole, let’s take a moment to talk about the different files that you will need as you generate and install your Certificate. Instead, I will be talking about the practicalities of setting up your Jira instance to use SSL Certs. Today I won’t go into how HTTPS works in any detail – if you want to know that, I recommend this article by Cloudflare. By doing so, you will deny anyone sitting between you and the Jira Server access to read whatever you are sending back and forth (see aforementioned passwords and company secrets). This is likely fine for a test instance you only need for a few days, but if you are setting this up for Production use, you should be accessing Jira via the encrypted HTTPS protocol. Simply put, they never imagined a situation where you would be using this tool to send passwords, company secrets, and banking information across the network.īy default, Jira is configured to use the unencrypted HTTP protocol out of the box. Considering the HTTP protocol was initially designed to share research materials across the early network, this does make sense. So, in the early internet, they prioritized access over security. That being said, this is important…and more importantly, it’s the only thing on my backlog that looks interesting today! So let’s dig into setting up Jira to be accessed securely by assigning it an SSL Certificate. This topic can be a bit of a rabbit hole and one that I’m wary of. It’s not that I don’t believe in having a certificate on your service – quite the opposite. Well, I’ve been avoiding this topic for a while.
