How to install self-signed SSL on Apache Tomcat on CentOS 7.5

November 7, 2018 1.6k views
CentOS Apache

Can anyone point in the direction of simple, easy, instructions to install a self-signed SSL certificate on CentOS running Apache Tomcat (Jira)?

All I can tell so far is I think my installation uses APR and not JSSE. This is the Digital Ocean CentOS 7.5 image with only Jira installed.

I cannot find a simple set of instructions that doesn’t skip over many important points. For example this guide completely skips over generating the .crt and .pem files. I have now been trying to figure out how to get a set of .crt and .pem and I can’t find any guide that does that either.. Digital Ocean’s guide gives .key, .csr and .crt but not .pem. Other guides give different combinations but apparently not the ones that are needed.

Can anyone just give me the simple version of how to get this done? I just need to generate a compatible self-signed certificate and add it to this Apache Tomcat installation which is only running Jira.

1 Answer

Hello,

What I could suggest here is setting up Nginx as a reverse proxy for your Jira instance and then installing a Let’s Encrypt SSL for Nginx.

Here’s how to setup Nginx for Jira:

https://confluence.atlassian.com/jirakb/configure-jira-server-to-run-behind-a-nginx-reverse-proxy-426115340.html

And then here’s how you could setup the Let’s Encrypt SSL for your Nginx server:

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-18-04

Regards,
Bobby

by Hazel Virdó
by Kathleen Juell
In this tutorial, we will show you how to use Let's Encrypt to obtain a free SSL certificate and use it with Nginx on Ubuntu 18.04. We will also show you how to automatically renew your SSL certificate. If you're running a different web server, simply follow your web server's documentation to learn how to use the certificate with your setup.
Have another answer? Share your knowledge.