Details
-
Bug
-
Resolution: Fixed
-
High
-
4.3.2
-
None
-
4.03
-
Description
As of JIRA 4.3.1 we are upgrading Tomcat to 6.0.32. In the same time we seem to change Tomcat's binary package for Windows from apache-tomcat-6.0.20.zip to apache-tomcat-6.0.32-windows-x86.zip.
https://maven.atlassian.com/content/groups/internal/org/apache/tomcat/apache-tomcat/6.0.32/
http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.32/bin/
This change introduce requirement for new way of configuring of HTTPS as Tomcat uses Apache Portable Runtime (APR) based Native library for Tomcat.
Tomcat can use the Apache Portable Runtime to provide superior scalability, performance, and better integration with native server technologies. The Apache Portable Runtime is a highly portable library that is at the heart of Apache HTTP Server 2.x. APR has many uses, including access to advanced IO functionality (such as sendfile, epoll and OpenSSL), OS level functionality (random number generation, system status, etc), and native process handling (shared memory, NT pipes and Unix sockets).
These features allows making Tomcat a general purpose webserver, will enable much better integration with other native web technologies, and overall make Java much more viable as a full fledged webserver platform rather than simply a backend focused technology.
If this is intended change we should alter our docs to indicate and warn users. Pages such as release notes and Running JIRA over SSL or HTTPS are just two possible candidates for the update.
As of JIRA 4.3.1 the HTTPS connector needs to be configured in a completely different way with help of OpenSSL:
<Connector port="443" maxHttpHeaderSize="8192" maxThreads="150" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" SSLEnabled="true" SSLCertificateFile="${catalina.base}/conf/localhost.crt" SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />
http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS
http://mircwiki.rsna.org/index.php?title=Configuring_Tomcat_to_Support_SSL
Moreover, we need to ensure that we are consistent across the boarder and JIRA's Linux distribution also uses Apache Tomcat Native.
Attachments
Issue Links
- details
-
JRASERVER-24489 Update JIRA HTTPS configuration page accordingly
- Closed
- mentioned in
-
Wiki Page Loading...