Self-signed SSL certificate

You will need to have a certificate issued by a valid certificate authority if you intend to deploy the application and register this to your Jira instance. This module will guide you through the steps to generate a self-signed certificate and import this to AWS Certificate Manager (ACM). If you are already using ACM to provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates then you can skip this section and request a public certificate. Otherwise, you can proceed and go through the steps of generating a self-signed certificate which you can later upload to ACM.

Generate your private key and public certificate

cd ~/environment/
openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -days 365 -out certificate.pem
The result should look like what's below:
Generating a 2048 bit RSA private key
writing new private key to 'key.pem'
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [XX]:US
State or Province Name (full name) []:Washington
Locality Name (eg, city) [Default City]:Seattle
Organization Name (eg, company) [Default Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []
Email Address []:

Import your certificate using the AWS CLI

aws acm import-certificate --certificate file://certificate.pem \
  --private-key file://key.pem
If the import-certificate command is successful, it returns the [Amazon Resource Name (ARN)]( of the imported certificate.
    "CertificateArn": "arn:aws:acm:us-west-2:***********:certificate/********-****-****"
As of the publish date for this workshop, [Jira Software Cloud]( **does not** support self-signed certificates. You will need to obtain a valid certificate in order to register your application. Only **HTTPS** is supported for both development and production environments.