Bringing up Atlassian JIRA/Confluence/Crowd on DreamHost’s DreamCompute

I was fortunate enough get a chance to play around with DreamHost‘s DreamCompute beta. In addition to being a great implementation of OpenStack, it’s just fun to play with: they gave me a pretty healthy 20 CPUs, 50GB of RAM, and 5 IPs to play with, along with 1TB of disk.

I’ve been wanting to work up an installation of Atlassian‘s JIRA, Confluence, and Crowd products (and eventually Stash), so this was a perfect chance to try it out.

NOTE: DreamCompute is still in Beta, so I will point out some bugs, but overall, the quality and stability of environment is top notch. The boot time for new images (when creating an instance) is extremely quick. So, without further jabber, let’s get started.

Log in to https://dashboard.dreamcompute.com/, and go to Access and Security, and switch to the Keypairs tab. Be sure to add your public key to the key list. This key will be put in the authorized_keys file for dhc-user when an instance is created.

I created two instances, logistics and dbserver.

For each:

  • Flavor: hyperspeed
  • Boot Source: Boot from an image
  • Image Name: Centos65-latest
  • Device size: 25GB

Then:

  • Click Launch
  • Add private-network
  • Click Launch

I created two volumes (in volumes, on the left side) logistics-disk and db-disk, both 250 GB, attached them to their requisite instances via “Edit Attachments.” I gave them a device name of /dev/vdb. We will use these volumes for data on the logistics and DB server. On logistics, we will mount it under /opt and install there, and on the DB server we will mount it under /var/lib/pgsql and the database files will be placed there.

Under Instances, click on “More” for the logistics instance, and click “Associate floating IP.” Select an IP and select the IPv4 port for the logistics instance (or use IPv6 if you wish).

Once the instance is up, log in to the logistics node via:

# We need agent forwarding since we will be SSH'ing to the
# db server in a bit
ssh -A dhc-user@<the IP assigned>

Log in to the DB server.

ssh dhc-user@<internal IP listed on Instance screen>
# in my case, that internal IP is 10.10.10.7

cd /
# This is a known bug.  Not sure why the 5.3GB file is there.
sudo rm EMPTY

# There is bug in the DreamCompute setup that gives it a name server
# of 192.168.122.1, which is the default for libvirt, but not right
# in this case.
echo 'nameserver 8.8.8.8' | sudo tee /etc/resolv.conf > /dev/null

# This assumes you created a 250GB volume!
echo "# partition table of /dev/vdb
unit: sectors

/dev/vdb1 : start=       63, size=524286945, Id=83
/dev/vdb2 : start=        0, size=        0, Id= 0
/dev/vdb3 : start=        0, size=        0, Id= 0
/dev/vdb4 : start=        0, size=        0, Id= 0" | sudo sfdisk /dev/vdb

sudo mkfs.ext4 /dev/vdb1
sudo mkdir -p /var/lib/pgsql

echo "/dev/vdb1               /var/lib/pgsql          ext4    defaults        1 1" | sudo tee -a /etc/fstab > /dev/null

sudo mount /var/lib/pgsql

sudo yum install -y http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-redhat93-9.3-1.noarch.rpm
sudo yum install -y postgresql93-server postgresql93-contrib
sudo service postgresql-9.3 initdb
sudo chkconfig postgresql-9.3 on

echo "host     all             all             10.10.10.0/24           md5" | sudo tee -a /var/lib/pgsql/9.3/data/pg_hba.conf > /dev/null

# Not the best way, but it avoids manual editing
echo "listen_addresses = '*'" | sudo tee -a /var/lib/pgsql/9.3/data/postgresql.conf > /dev/null

sudo service postgresql-9.3 start

crowd_pass=your_crowd_db_password
jira_pass=your_jira_db_password
confluence_pass=your_confluence_db_password

echo "CREATE USER crowd WITH ENCRYPTED PASSWORD '$crowd_pass'" | sudo -u postgres psql
echo "CREATE USER jira WITH ENCRYPTED PASSWORD '$jira_pass'" | sudo -u postgres psql
echo "CREATE USER confluence WITH ENCRYPTED PASSWORD '$confluence_pass'" | sudo -u postgres psql

sudo -u postgres createdb -O crowd crowd
sudo -u postgres createdb -O crowd crowdid
sudo -u postgres createdb -O jira jira
sudo -u postgres createdb -O confluence confluence

logout

Back on the logistics node

cd /
sudo rm EMPTY

echo 'nameserver 8.8.8.8' | sudo tee /etc/resolv.conf > /dev/null

# This assumes you created a 250GB volume!
echo "# partition table of /dev/vdb
unit: sectors

/dev/vdb1 : start=       63, size=524286945, Id=83
/dev/vdb2 : start=        0, size=        0, Id= 0
/dev/vdb3 : start=        0, size=        0, Id= 0
/dev/vdb4 : start=        0, size=        0, Id= 0" | sudo sfdisk /dev/vdb

sudo mkfs.ext4 /dev/vdb1

echo "/dev/vdb1               /opt                    ext4    defaults        1 1" | sudo tee -a /etc/fstab > /dev/null

sudo mount /opt

# We want pgsql tools
sudo yum install -y http://yum.postgresql.org/9.3/redhat/rhel-6-x86_64/pgdg-redhat93-9.3-1.noarch.rpm
sudo yum install -y postgresql93

# Atlassian tools want official Java
wget -O oracle_java.rpm "http://javadl.sun.com/webapps/download/AutoDL?BundleId=95115"
sudo yum install -y oracle_java.rpm

# Will use this to patch config files
sudo yum install -y patch

sudo mkdir -p /opt/local/confluence
sudo mkdir -p /opt/local/jira
sudo mkdir -p /opt/local/crowd

sudo useradd -d /opt/local/jira jira
sudo useradd -d /opt/local/confluence confluence
sudo useradd -d /opt/local/crowd crowd

sudo chown -R jira.jira /opt/local/jira
sudo chown -R confluence.confluence /opt/local/confluence
sudo chown -R crowd.crowd /opt/local/crowd

sudo yum install -y httpd mod_ssl

This part requires manual editing. Enable name virtual hosting. Update /etc/httpd/conf/httpd.conf and uncomment this line: NameVirtualHost *:80

and add below it:

NameVirtualHost *:443

Crowd Setup

chkconfig httpd on

cd /opt/local/crowd
sudo wget http://www.atlassian.com/software/crowd/downloads/binary/atlassian-crowd-2.7.2.tar.gz
sudo tar -zxvf atlassian-crowd-2.7.2.tar.gz
sudo ln -s atlassian-crowd-2.7.2 current
sudo mkdir current/logs
sudo chown -R crowd.crowd .
sudo rm -f atlassian-crowd-2.7.2.tar.gz

# Need to download the Pg driver
sudo wget http://jdbc.postgresql.org/download/postgresql-9.3-1102.jdbc41.jar
sudo mv postgresql-9.3-1102.jdbc41.jar current/apache-tomcat/lib/

echo "--- crowd-init.properties.orig  2014-02-04 21:44:57.000000000 +0000
+++ crowd-init.properties       2014-02-04 21:45:43.000000000 +0000
@@ -25 +25,2 @@
 #crowd.home=/var/crowd-home
+crowd.home=/opt/local/crowd/data
"| sudo patch current/crowd-webapp/WEB-INF/classes/crowd-init.properties

# This is for the Crowd server
echo '--- current/apache-tomcat/conf/server.xml.orig  2014-02-05 20:26:54.000000000 +0000
+++ current/apache-tomcat/conf/server.xml       2014-02-05 20:29:42.000000000 +0000
@@ -13,5 +13,3 @@
         <!-- Define an AJP 1.3 Connector on port 8009 -->
-        <!--
-            <Connector port="8009" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
-        -->
+            <Connector port="8010" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
     </Service>' | sudo patch current/apache-tomcat/conf/server.xml

# The CrowdID server does not have a GUI setup, so the DB must be configured by hand.
# See https://confluence.atlassian.com/display/CROWD/PostgreSQL
echo '--- /opt/local/crowd/current/apache-tomcat/conf/Catalina/localhost/openidserver.xml.orig        2014-08-16 00:17:54.701998426 +0000
+++ /opt/local/crowd/current/apache-tomcat/conf/Catalina/localhost/openidserver.xml     2014-08-16 00:22:24.530998926 +0000
@@ -1,15 +1,14 @@
 <Context path="/openidserver" docBase="../../crowd-openidserver-webapp">

     <Resource name="jdbc/CrowdIDDS" auth="Container" type="javax.sql.DataSource"
-              username="sa"
-              password=""
-              driverClassName="org.hsqldb.jdbcDriver"
-              url="jdbc:hsqldb:${catalina.home}/../database/crowdopenidserverdb"
-              minEvictableIdleTimeMillis="4000"
-              timeBetweenEvictionRunsMillis="5000"
-              maxActive="20"
+              username="crowd"
+              password="Midway6fleshy4wide"
+              driverClassName="org.postgresql.Driver"
+              url="jdbc:postgresql://10.10.10.5:5432/crowdid"
             />

+    <Manager className="org.apache.catalina.session.PersistentManager" saveOnRestart="false"/>
+
     <!-- NOTE: When a database server reboots or their is a network failure all the connections in the
     * connection pool are broken and normally this requires a Application Server reboot. If you include the
     * parameter validationQuery="{QUERY FOR YOUR DB HERE} as show below a new connection is created to replace it.
@@ -17,6 +16,7 @@
     *
     * validationQuery="Select 1"
     -->
+    validationQuery="Select 1"

     <!-- NOTE: If you use a database other than hsqldb:
     * delete the minEvictableIdleTimeMillis and timeBetweenEvictionRunsMillis attributes' | sudo patch /opt/local/crowd/current/apache-tomcat/conf/Catalina/localhost/openidserver.xml

echo '--- /opt/local/crowd/current/crowd-openidserver-webapp/WEB-INF/classes/jdbc.properties.orig     2014-08-16 00:24:34.295999949 +0000
+++ /opt/local/crowd/current/crowd-openidserver-webapp/WEB-INF/classes/jdbc.properties  2014-08-16 00:25:11.738026355 +0000
@@ -4,5 +4,5 @@
 #hibernate.default_schema=public
 hibernate.jdbc.batch_size=0
 hibernate.connection.datasource=java:comp/env/jdbc/CrowdIDDS
-hibernate.dialect=org.hibernate.dialect.HSQLDialect
-hibernate.transaction.factory_class=org.hibernate.transaction.JDBCTransactionFactory
\ No newline at end of file
+hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
+hibernate.transaction.factory_class=org.hibernate.transaction.JDBCTransactionFactory' | sudo patch /opt/local/crowd/current/crowd-openidserver-webapp/WEB-INF/classes/jdbc.properties

echo '--- /opt/local/crowd/current/crowd-openidserver-webapp/WEB-INF/classes/crowd.properties.orig    2014-08-16 00:26:03.587999555 +0000
+++ /opt/local/crowd/current/crowd-openidserver-webapp/WEB-INF/classes/crowd.properties 2014-08-16 00:26:44.314001236 +0000
@@ -1,8 +1,8 @@
 application.name                        crowd-openid-server
 application.password                    password
-application.login.url                   http://localhost:8095/openidserver
+application.login.url                   https://id.azariah.com/openidserver

-crowd.server.url                        http://localhost:8095/crowd/services/
+crowd.server.url                        https//id.azariah.com/crowd/services/

 session.isauthenticated                 session.isauthenticated
 session.tokenkey                        session.tokenkey' | sudo patch /opt/local/crowd/current/crowd-openidserver-webapp/WEB-INF/classes/crowd.properties

JIRA Setup

cd /opt/local/jira
NEW_VERSION=6.3.5
sudo wget http://www.atlassian.com/software/jira/downloads/binary/atlassian-jira-${NEW_VERSION}.tar.gz
sudo tar -zxvf atlassian-jira-${NEW_VERSION}.tar.gz
sudo ln -s atlassian-jira-${NEW_VERSION}-standalone current
sudo chown -R jira.jira atlassian-jira-${NEW_VERSION}-standalone
sudo rm -f atlassian-jira-${NEW_VERSION}.tar.gz

sudo mkdir -p data/logs
sudo mkdir data/log
sudo chown -R jira.jira data

echo '--- /opt/local/jira/current/conf/server.xml.orig        2014-08-27 03:10:35.784999468 +0000
+++ /opt/local/jira/current/conf/server.xml     2014-08-27 03:12:17.635993942 +0000
@@ -28,5 +28,5 @@
   limitations under the License.
 -->
-<Server port="8005" shutdown="SHUTDOWN">
+<Server port="8015" shutdown="SHUTDOWN">

     <!--APR library loader. Documentation at /docs/apr.html -->
@@ -47,5 +47,5 @@
     <Service name="Catalina">

-        <Connector port="8080"
+        <Connector port="8081"

                    maxThreads="150"
@@ -107,7 +107,7 @@
         -->

-        <!--
+
               <Connector port="8009" redirectPort="8443" enableLookups="false" protocol="AJP/1.3" URIEncoding="UTF-8"/>
-        -->
+

         <Engine name="Catalina" defaultHost="localhost">' | sudo patch /opt/local/jira/current/conf/server.xml

echo '--- /opt/local/jira/current/atlassian-jira/WEB-INF/classes/jira-application.properties.orig     2014-08-27 03:15:10.343002893 +0000
+++ /opt/local/jira/current/atlassian-jira/WEB-INF/classes/jira-application.properties  2014-08-27 03:15:53.716001655 +0000
@@ -1,2 +1,2 @@
 # Do not modify this file unless instructed. It is here to store the location of the JIRA home directory only and is typically written to by the installer.
-jira.home =
+jira.home =/opt/local/jira/data'| sudo patch /opt/local/jira/current/atlassian-jira/WEB-INF/classes/jira-application.properties

Confluence Setup

NEW_VERSION=5.6.1
cd /opt/local/confluence
sudo wget http://www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-${NEW_VERSION}.tar.gz
sudo tar -zxvf atlassian-confluence-${NEW_VERSION}.tar.gz
sudo rm -f atlassian-confluence-${NEW_VERSION}.tar.gz
sudo ln -s atlassian-confluence-${NEW_VERSION} current
sudo chown -R confluence.confluence atlassian-confluence-${NEW_VERSION}
sudo mkdir -p data/logs
sudo chown confluence.confluence data

echo "--- /opt/local/confluence/current/confluence/WEB-INF/classes/confluence-init.properties.orig    2014-08-27 03:24:03.429999439 +0000
+++ /opt/local/confluence/current/confluence/WEB-INF/classes/confluence-init.properties 2014-08-27 03:25:29.278007079 +0000
@@ -32,3 +32,3 @@
 # specify your directory below (don't forget to remove the '#' in front)

-# confluence.home=c:/confluence/data
\ No newline at end of file
+confluence.home=/opt/local/confluence/data" | sudo patch /opt/local/confluence/current/confluence/WEB-INF/classes/confluence-init.properties

echo '--- /opt/local/confluence/current/conf/server.xml.orig  2014-08-27 03:27:02.201000005 +0000
+++ /opt/local/confluence/current/conf/server.xml       2014-08-27 03:28:26.396993376 +0000
@@ -36,4 +36,6 @@
                    URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
 -->
+      <Connector port="8008" redirectPort="8443" enableLookups="false" protocol="AJP/1.3" URIEncoding="UTF-8" minSpareThreads="5" maxThreads="256"/>
+      
     </Service>
 </Server>' | sudo patch /opt/local/confluence/current/conf/server.xml

Init Scripts

The following is done in a root shell.

JIRA script

cat <<EOF > /etc/init.d/jira
# Atlassian startup script
# Original pulled from here: https://confluence.atlassian.com/display/DOC/Start+Confluence+Automatically+on+Linux
#chkconfig: 2345 80 05
#description: Start Atlassian applications

# Define some variables
# Name of app ( JIRA, Confluence, etc )
APP=jira
# Name of the user to run as
USER=\$APP
# Location of application's bin directory
CATALINA_HOME=/opt/local/\$APP/current
# Location of Java JDK
export JAVA_HOME=/usr

case "\$1" in
  # Start command
  start)
    echo "Starting \$APP"
    /bin/su -m \$USER -c "\$CATALINA_HOME/bin/startup.sh &> /dev/null"
    ;;
  # Stop command
  stop)
    echo "Stopping \$APP"
    /bin/su -m \$USER -c "\$CATALINA_HOME/bin/shutdown.sh &> /dev/null"
    echo "\$APP stopped successfully"
    ;;
   # Restart command
   restart)
        \$0 stop
        sleep 5
        \$0 start
        ;;
  *)
    echo "Usage: /etc/init.d/\$APP {start|restart|stop}"
    exit 1
    ;;
esac

exit 0
EOF

chmod 700 /etc/init.d/jira
chkconfig jira on

Confluence Script

cat <<EOF > /etc/init.d/confluence
# Atlassian startup script
# Original pulled from here: https://confluence.atlassian.com/display/DOC/Start+Confluence+Automatically+on+Linux
#chkconfig: 2345 80 05
#description: Start Atlassian applications

# Define some variables
# Name of app ( JIRA, Confluence, etc )
APP=confluence
# Name of the user to run as
USER=\$APP
# Location of application's bin directory
CATALINA_HOME=/opt/local/\$APP/current
# Location of Java JDK
export JAVA_HOME=/usr

case "\$1" in
  # Start command
  start)
    echo "Starting \$APP"
    /bin/su -m \$USER -c "\$CATALINA_HOME/bin/startup.sh &> /dev/null"
    ;;
  # Stop command
  stop)
    echo "Stopping \$APP"
    /bin/su -m \$USER -c "\$CATALINA_HOME/bin/shutdown.sh &> /dev/null"
    echo "\$APP stopped successfully"
    ;;
   # Restart command
   restart)
        \$0 stop
        sleep 5
        \$0 start
        ;;
  *)
    echo "Usage: /etc/init.d/\$APP {start|restart|stop}"
    exit 1
    ;;
esac

exit 0
EOF

chmod 700 /etc/init.d/confluence
chkconfig confluence on

Crowd Script

cat <<EOF > /etc/init.d/crowd
# Atlassian startup script
# Original pulled from here: https://confluence.atlassian.com/display/DOC/Start+Confluence+Automatically+on+Linux
#chkconfig: 2345 80 05
#description: Start Atlassian applications

# Define some variables
# Name of app ( JIRA, Confluence, etc )
APP=crowd
# Name of the user to run as
USER=\$APP
# Location of application's bin directory
CATALINA_HOME=/opt/local/\$APP/current/apache-tomcat
# Location of Java JDK
export JAVA_HOME=/usr

case "\$1" in
  # Start command
  start)
    echo "Starting \$APP"
    /bin/su -m \$USER -c "\$CATALINA_HOME/bin/startup.sh &> /dev/null"
    ;;
  # Stop command
  stop)
    echo "Stopping \$APP"
    /bin/su -m \$USER -c "\$CATALINA_HOME/bin/shutdown.sh &> /dev/null"
    echo "\$APP stopped successfully"
    ;;
   # Restart command
   restart)
        \$0 stop
        sleep 5
        \$0 start
        ;;
  *)
    echo "Usage: /etc/init.d/\$APP {start|restart|stop}"
    exit 1
    ;;
esac

exit 0
EOF

chmod 700 /etc/init.d/crowd
chkconfig crowd on

Now start the services

service crowd start
service confluence start
service jira start

Apache Configs

Yes, I’m using a self-signed wildcard cert. Too cheap to buy the real thing right now. That will come later

Place your cert in /etc/pki/tls/certs and your host key in /etc/pki/tls/private

cert_file=/etc/pki/tls/certs/self_STAR_azariah_com.crt
key_file=/etc/pki/tls/private/self_STAR_azariah_com.key

JIRA Config File

cat <<EOF > /etc/httpd/conf.d/99_jira.conf
# Virtualhost proxy for Jira
<VirtualHost *:80>
        ServerName issues.azariah.com

        Redirect Permanent / https://issues.azariah.com/
</VirtualHost>

<VirtualHost *:443>
        ServerName issues.azariah.com

        SSLEngine on
        SSLCertificateFile $cert_file
        SSLCertificateKeyFile $key_file
        # You might need something like this
        #SSLCertificateChainFile /etc/apache2/ssl.crt/comodo_bundle.crt

        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        ProxyRequests     Off
        ProxyPass           /       ajp://localhost:8009/
        ProxyPassReverse    /       ajp://localhost:8009/
        ErrorLog /var/log/httpd/issues.azariah.com-ssl-error.log
        CustomLog /var/log/httpd/issues.azariah.com-ssl-access.log combined

        # Documented at:  http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

</VirtualHost>
EOF

Confluence Config File

cat <<EOF > /etc/httpd/conf.d/99_confluence.conf
# Virtualhost proxy for Confluence
<VirtualHost *:80>
        ServerName wiki.azariah.com

        Redirect Permanent / https://wiki.azariah.com/
</VirtualHost>

<VirtualHost *:443>
        ServerName wiki.azariah.com

        SSLEngine on
        SSLCertificateFile $cert_file
        SSLCertificateKeyFile $key_file
        # You might need something like this
        #SSLCertificateChainFile /etc/apache2/ssl.crt/comodo_bundle.crt

        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        ProxyRequests     Off
        ProxyPass           /       ajp://localhost:8008/
        ProxyPassReverse    /       ajp://localhost:8008/
        ErrorLog /var/log/httpd/wiki.azariah.com-ssl-error.log
        CustomLog /var/log/httpd/wiki.azariah.com-ssl-access.log combined

        # Documented at:  http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

</VirtualHost>
EOF

Crowd Config File

cat <<EOF > /etc/httpd/conf.d/99_crowd.conf
# Virtualhost proxy for Crowd
<VirtualHost *:80>
        ServerName id.azariah.com

        Redirect Permanent / https://id.azariah.com/
</VirtualHost>

<VirtualHost *:443>
        ServerName id.azariah.com

        SSLEngine on
        SSLCertificateFile $cert_file
        SSLCertificateKeyFile $key_file
        # You might need something like this
        #SSLCertificateChainFile /etc/apache2/ssl.crt/comodo_bundle.crt

        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>
        ProxyRequests     Off
        ProxyPass           /       ajp://localhost:8010/
        ProxyPassReverse    /       ajp://localhost:8010/
        ErrorLog /var/log/httpd/id.azariah.com-ssl-error.log
        CustomLog /var/log/httpd/id.azariah.com-ssl-access.log combined

        # Documented at:  http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0

</VirtualHost>
EOF

Then restart Apache

service httpd restart

Remaining Setup

The web setup for JIRA and Confluence is well documented on the Atlassian site, so I won’t repeat it here.

The setup for Crowd still has some fiddling included, so I’ll walk through those steps.

When setting up the DB (first screen) for JIRA, it spit back a 500 error. I waited a while (five minutes), went back to the JIRA site, and it directed me to application setup. I also hit a similar glitch with Confluence.

For Confluence setup, make sure you choose “Manage users and groups with Confluence” since we will be switching to Crowd later.

Setting up Crowd

Go to the Crowd URL. Click on “Set Up Crowd” Entire your license Select “New Installation,” Continue Select JDBC Connection and enter needed information, Continue Edit options as desired, probably want to remove “443” from the Base URL

Crowd wants to connect to itself during setup, and will try your external IP address (based on your external host name). It also wants to be able to look up its hostname. Add this line to you /etc/hosts:

<internal IP of web server> <host name of your crowd server> <hostname of your VM>

In my case, hostname of my VM was ‘logistics.novalocal’, but on the next run it was just ‘logistics’, so my file looked like:

10.10.10.6  id.azariah.com logistics.novalocal logistics

If you are using a self-signed cert, you’ll also need to add it to the Java key store. I added mine with this command:

/usr/java/jre1.7.0_67/bin/keytool -import -keystore /usr/java/jre1.7.0_67/lib/security/cacerts -file /etc/ssl/certs/self_STAR_azariah_com.crt

You will then need to restart Crowd.

The password it asks for will most likely be “changeit”

For “Internal Directory,” edit as desired, and Continue.

Add a user, then continue.

I set up the OpenID server, but not the demo app.

Configuring Confluence and JIRA to use Crowd as its authentication source is pretty straight forward. That will be in part two. :)

Comments and questions welcome!

Comments

comments powered by Disqus