How it works...

We first created a new Java KeyStore repository for Jira to store its own SSL certificate with Java's keytool utility. During this step, you are prompted to provide information about the store as well as a password to access the KeyStore repository.

After we created the KeyStore repository, we imported the certificate (and then enabled an additional connector to listen for HTTPS connections) by uncommenting the connector XML tag. We also added new attributes to the tag so that Tomcat knows where our new KeyStore repository is and how to access it to get to the certificate.

You can also change the port number for the connector if you want to run HTTPS on a more common port, 443, instead of the default port, 8443, and your final XML snippet will look something similar to the following:

<Connector port="443"
maxHttpHeaderSize="8192" SSLEnabled="true" maxThreads="150" minSpareThreads="25"
maxSpareThreads="75" enableLookups="false"
disableUploadTimeout="true" acceptCount="100"
scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" useBodyEncodingForURI="true"
keystoreFile="/opt/jira/jira.jks" 
keystorePass="changeme"
keyAlias="jira" keystoreType="JKS"/>