Jira Server - Local / On Premise

HTTPS and Port Requirements for Securely Connecting Your Server

Unito has requirements in place for HTTPS, custom ports, and SSL/TSL certificates to ensure your self-hosted tools are configured correctly for safe data transfer.

In this article:

Troubleshooting Connection Issues?

Before you start, check out this troubleshooting checklist to resolve common problems.

HTTPS Requirements

Unito prioritizes the security of your data. To connect your self-hosted Jira or GitHub Enterprise server, you must use HTTPS with a valid SSL/TLS certificate. (or a self-signed certificate, see below). If you are using the cloud-hosted version of the tools, you already have a valid HTTPS configuration.

  • Why HTTPS is Important: It encrypts data transferred between your server and Unito, preventing unauthorized access.
  • Cloud-Hosted Tools: If you're using Jira Cloud or GitHub.com, you already meet this requirement.

If you access your server with a URL starting with http:// instead of https://, we will not support your installation because we cannot guarantee your data will be transferred securely over the Internet. 

  • Quick Solutions for Self-Hosted Tools:
    • Add HTTPS to your server: A free and easy way to do this is through CloudFlare's Universal SSL.
    • Obtain an SSL certificate: This can also be done easily from Let's Encrypt by the Internet Security Research Group (ISRG)
    • Expose your server over HTTPS automatically: You can also run a tool like ngrok on your server.

When setting up your server, make sure that you configure the entire SSL certificate trust chain in the PEM file. It will have the form:

-----BEGIN CERTIFICATE----- 
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: your_ssl_provider_intermediate.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Root certificate: your_provider_root_certificate.crt)
-----END CERTIFICATE-----

You can use this tool to generate your certificates. Please make sure to check the option Include Root Certificate.

Self-Signed Certificate Setup

If your self-hosted tool uses a self-signed certificate (often indicated by a browser security warning), follow these additional steps:

  1.  When connecting your tool in Unito, click "Show advanced settings."
  2. Paste your certificate's public key in the "Self-signed SSL/TLS Certificate" field (PEM format).
  3. For certificates signed with an internal CA, provide the top-level CA certificate's public key.
  4. For standalone certificates, provide the self-signed certificate's public key.
    • Use this command if you have OpenSSL installed: openssl s_client -connect your-server.com:443 -showcerts

Important: provide the highest level certificate in the certificate chain.
If the certificate was signed using an internal CA, provide the public key of the top-level CA certificate. If the certificate is stand-alone (no CA), provide the public key of the self-signed certificate itself.

Group 1088198 (2)

If you have openssl installed on your computer, you can run the following command to get a server's certificate in the PEM format.

We understand all this certificate stuff can be overwhelming. Reach out to us if you need help and we'll walk you through it.

Note: If you're using a Let's Encrypt certification it is validated by a public certificate authority, not self-signed. On-premise installations using this kind of certification can leave the certificate field blank.

Requirements for custom ports

Unito supports custom HTTPS ports (other than the default 443) for self-hosted Jira or GitHub Enterprise. Simply add ":[port number]" to the end of your server URL when connecting it in Unito (e.g., https://your-jira-server.com:8443).

Group 1088200

Related articles