You are viewing documentation for the older version of YouTrack!

Skip to end of metadata
Go to start of metadata

Currently, the SSL key management not yet implemented directly within YouTrack and not available in YouTrack UI. You might want to vote for the JT-11091 feature request and watch its progress. However, if you want to connect YouTrack to external servers (e.g. TeamCity, mail) using SSL, now you can use a temporary solution, not directly from YouTrack but via configuring JRE, which is used by YouTrack. Check the description below, and stay tuned for updates of the feature.

Temporary Solution for SSL Key Management

If You Run YouTrack Stand-alone JAR Installation

Add your peer's server certificate to trusted certificate list. This is required in case your server certificate is not signed by any trusted certificate authority

  1. Identify JRE or JDK YouTrack runs on
  2. In case YouTrack runs on JRE, execute the following command:
  3. In case YouTrack runs on JDK, execute the following command:

In both cases:

  • cert_file is either your server's certificate or CA certificate that your server's certificate is signed by
  • store_pass is a password of a JRE trust store (default password is changeit).

If the peer server requires SSL authentication, you should configure the use of client SSL:

  1. You need to have a keystore containing your private key. It should either be PKCS12 or JKS keystore.
  2. When running YouTrack, provide the following additional command line parameters (you should specify these parameters before -jar parameter):
    <keystore_type> value should be either pkcs12 or jks.

If You Deploy YouTrack into Tomcat

This case is relevant for both YouTrack WAR and ExE distributions, as long as with EXE distribution you get YouTrack with Tomcat.
Complete description of your case is available at the official Tomcat site.

If You Deploy YouTrack WAR into Another Application Server

If you deploy YouTrack WAR into any other supported application server, please you refer to its documentation for details about SSL key management.