How to setup https for ActivityTimeline

Method 1 - Proxy server: How to Configure HTTPS access for ActivityTimeline

If you already have Apache HTTPD, NGINX or MS IIS server hosting the web portal through HTTPS protocol then the easiest way would be to update its configuration to serve as a proxy server of ActivityTimeline as well.

Step 1. Create a new rule in a proxy server

  • 1
    Apache HTTPD:
    ProxyPass / http://localhost:8040
  • 2
    NGINX:
    server {

       ........
       
       underscores_in_headers    on;
       
       location / {
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
           proxy_pass http://localhost:8040;
           
           proxy_pass_request_headers on;
           
       }
    }
Important: NGINX should allow underscore symbols in headers for correct work. More details on NGINX configuration here.

Step 2. Restart Proxy Server

  • 1
    Restart your proxy server for the new rule to take effect.
  • 2
    ActivityTimeline should be accessible from https://[YOUR_SERVER_NAME]/at context path.

Method 2 - Tomcat Server: How to Configure HTTPS access for ActivityTimeline

ActivityTimeline uses Tomcat 7 as application server, so HTTPS configuration is the same as for a regular Tomcat application server. It can be configured to run on HTTPS without changing Jira config.

Step 1. Obtain SSL Certificate and Create JKS Keystore

  • 1
    If you have Jira running through HTTPS then you can reuse the same certificates keystore;
  • 2
    Find jira.jks keystore file (or the like);
  • 3
    Reuse it for the Step 2.
  • 4
    Otherwise, refer to the guides (from references below) to:
    - generate a new JKS keystore,
    - issue CSR request,
    - obtain a signed SSL certificate,
    - import it (site.crt) certificate file as well as intermediate certificate file (intermediate.crt) and root certificate (root.crt) into JKS keystore.
  • 5
    Use that JKS file for Step 2.

Step 2. Configuring ActivityTimeline Tomcat for using created keystore file – SSL config

  • 1
    Open ActivityTimeline installation directory and open the conf folder.
    Inside this folder, you will find the server.xml file. Open that file for editing.
  • 2
    Find the following declaration:
    <!--
    <Connector port="8043" protocol="org.apache.coyote.http11.Http11Protocol"
                  maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
                  clientAuth="false" sslProtocol="TLS" />
    -->
  • 3
    Uncomment it and modify it to look like the following:
    <Connector port="8043" protocol="org.apache.coyote.http11.Http11Protocol"    
    maxThreads="150" SSLEnabled="true" scheme="https" secure="true"    
    clientAuth="false" sslProtocol="TLS"    
    acceptCount="100" keystoreType="JKS"        
    disableUploadTimeout="true" enableLookups="false"    
    keystoreFile="
    /path/to/your/certificates/keystore.jks" keystorePass="changeit" />
  • 4
    Save the file.
Note: you should change keystoreFile and keystorePass to the real values.

Step 3. Restart and Test

  • 1
    Stop ActvityTimeline;
  • 2
    Start ActivityTimeline
  • 3
    Open https://[ACTIVITYTIMLEINE_SERVER]:8043   (note the port number difference);
  • 4
    You should see the default ActivityTimeline web page.
Ready to get started?
Start your 30-day free trial. No credit card required.