Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 4.3.4, Bugfix Release
Affects Version/s: 4.3.2
Component/s: None
Labels:
- affects-server
- support_backlog

Introduced in Version:
4.03
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

As of JIRA 4.3.1 we are upgrading Tomcat to 6.0.32. In the same time we seem to change Tomcat's binary package for Windows from apache-tomcat-6.0.20.zip to apache-tomcat-6.0.32-windows-x86.zip.

https://maven.atlassian.com/content/groups/internal/org/apache/tomcat/apache-tomcat/6.0.32/
http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.32/bin/

This change introduce requirement for new way of configuring of HTTPS as Tomcat uses Apache Portable Runtime (APR) based Native library for Tomcat.

Tomcat can use the Apache Portable Runtime to provide superior scalability, performance, and better integration with native server technologies. The Apache Portable Runtime is a highly portable library that is at the heart of Apache HTTP Server 2.x. APR has many uses, including access to advanced IO functionality (such as sendfile, epoll and OpenSSL), OS level functionality (random number generation, system status, etc), and native process handling (shared memory, NT pipes and Unix sockets).

These features allows making Tomcat a general purpose webserver, will enable much better integration with other native web technologies, and overall make Java much more viable as a full fledged webserver platform rather than simply a backend focused technology.

If this is intended change we should alter our docs to indicate and warn users. Pages such as release notes and Running JIRA over SSL or HTTPS are just two possible candidates for the update.

As of JIRA 4.3.1 the HTTPS connector needs to be configured in a completely different way with help of OpenSSL:

<Connector port="443" maxHttpHeaderSize="8192"
               maxThreads="150"
               enableLookups="false" disableUploadTimeout="true"
               acceptCount="100" scheme="https" secure="true"
               SSLEnabled="true" 
               SSLCertificateFile="${catalina.base}/conf/localhost.crt"
               SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />

http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS
http://mircwiki.rsna.org/index.php?title=Configuring_Tomcat_to_Support_SSL

Moreover, we need to ensure that we are consistent across the boarder and JIRA's Linux distribution also uses Apache Tomcat Native.

Attachments

Issue Links

details

JRASERVER-24489 Update JIRA HTTPS configuration page accordingly

Closed

mentioned in: Wiki Page Loading...

Activity

People

Assignee:: Peter Leschev

Reporter:: Bogdan Dziedzic [Atlassian]

Votes:: 2 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 02/May/2011 9:54 PM

Updated:: 12/Sep/2019 6:35 AM

Resolved:: 26/May/2011 11:13 PM