Using of Let’s Encrypt Certificates for Atlasssian HipChat

By | 20. August 2016

In my last article I presented a solution for automated certificate renewal for Debian using a central webroot folder. Recently I added HipChat to my collection of Atlassian Tools for quick discussions between all directory. HipChat requires an SSL certificate for both Web Server and HipChat client communication, so I was looking for a solution to use Let’s Encrypt certificates for HipChat.

In the HipChat bug tracker over at Atlassian there is a feature request which asks for Let’s  Encrypt implementation natively into HipChat, which however has not got to many attention up to now. So if you are reading this and want this feature natively built hin, head over to Atlassian and vote for the issue.

Install Necessary Requirements

In the meantime, it is possible to request and maintain certificates on the machine using ZeroSSL and a cronjob. First of all, you need to login to the HipChat CLI using SSH and the admin user. Next, gain root permissions using the following command:

Next, we need to create some folders for the ACME challenge verification:

Text, we need to install the ZeroSSL ACME client. The HipChat server runs using Ubuntu 14.04 but has a very limited set of packages that can be natively installed. Hence we have to install the required PERL module by hand, and then install the ZeroSSL client itself:

Test the Script and Install Certificate

Finally, create a script, ideally in the folder /hipchat/certs/letsencryptcerts/, which will be used for certificate request/renewal and installation into HipChat. Remember to mark the script as executable.

Run this script once and check whether the certificate is installed correctly. Beware that HipChat will be reloaded during this process, which will cause a small outage. If everything goes well, it will print “Importing Certificate/Key” at the end.

Add Automation

To fully automate the process, we need to create a cronjob that runs every now and then. Run crontab -e and then insert the following line:

Credits go to the blog at GLiNTECH, where this article is based on. I just made some things more clear, especially the installation of the required tools and fixed some issues regarding the script.

2 thoughts on “Using of Let’s Encrypt Certificates for Atlasssian HipChat

  1. Tyler Johnson

    Original author of the GLiNTECH blog here – thanks for sharing it around! I’m putting together an update to fix a couple of issues with the script that you identified.

    Reply
  2. Joel

    Hi there, this worked amazingly well! Thank you so much! I was stuck on this aspect of the setup. It would be nice if they rolled it out like JIRA/Confluence servers (no separate VM needed). That’s a topic for another day.

    Thanks again!

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload the CAPTCHA.