How to setup https connection for ActivityTimeline

Method 1 - Proxy server: How to Configure HTTPS access for ActivityTimeline

If you already have Apache HTTPD, NGINX or MS IIS server hosting the web portal through HTTPS protocol then the easiest way would be to update its configuration to serve as a proxy server of ActivityTimeline as well.

Step 1. Create a new rule in a proxy server

1
Apache HTTPD:
ProxyPass / http://localhost:8040
2
NGINX:
server {

........

underscores_in_headers on;

location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8040;

proxy_pass_request_headers on;

}
}

Important: NGINX should allow underscore symbols in headers for correct work. More details on NGINX configuration here.

Step 2. Update ActivityTimeline Proxy Configuration

1
Open ActivityTimeline installation directory and open the conf folder.
Inside this folder, you will find the server.xml file. Open that file for editing.
2
Find the following declaration:
<Connector port="8040" protocol="HTTP/1.1"
.....
/>
3
Add the following two attributes that should point to your proxy host name and port:
<Connector port="8040" protocol="HTTP/1.1"
.....
proxyName="www.mycompany.com"
proxyPort="443"
/>
4
Save the file, restart ActivityTimeline.

Step 3. Restart Proxy Server

1
Restart your proxy server for the new rule to take effect.
2
ActivityTimeline should be accessible from https://[YOUR_SERVER_NAME]:[PORT]/ path.

Method 2 - Tomcat Server: How to Configure HTTPS access for ActivityTimeline

ActivityTimeline uses Tomcat 7 as application server, so HTTPS configuration is the same as for a regular Tomcat application server. It can be configured to run on HTTPS without changing Jira config.

Step 1. Obtain SSL Certificate and Create JKS Keystore

1
If you have Jira running through HTTPS then you can reuse the same certificates keystore;
2
Find jira.jks keystore file (or the like);
3
Reuse it for the Step 2.
4
Otherwise, refer to the guides (from references below) to:
- generate a new JKS keystore,
- issue CSR request,
- obtain a signed SSL certificate,
- import it (site.crt) certificate file as well as intermediate certificate file (intermediate.crt) and root certificate (root.crt) into JKS keystore.
5
Use that JKS file for Step 2.

Step 2. Configuring ActivityTimeline Tomcat for using created keystore file – SSL config

1
Open ActivityTimeline installation directory and open the conf folder.
Inside this folder, you will find the server.xml file. Open that file for editing.
2
Find the following declaration:
<!--
<Connector port="8043" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-- >
3
Uncomment it and modify it to look like the following:
<Connector port="8043" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
acceptCount="100" keystoreType="JKS"
disableUploadTimeout="true" enableLookups="false"
keystoreFile="/path/to/your/certificates/keystore.jks" keystorePass="changeit" />
4
Save the file.

Note: you should change keystoreFile and keystorePass to the real values.

Step 3. Restart and Test

1
Stop ActvityTimeline;
2
Start ActivityTimeline
3
Open https://[ACTIVITYTIMLEINE_SERVER]:8043 (note the port number difference);
4
You should see the default ActivityTimeline web page.

How to setup https for ActivityTimeline