By connecting Probely to your Jira Server you can get the scan results synchronized with a Jira project of your choice. This syncronization can be done automatically or manually, finding by finding.
The syncronization is bi-directional, meaning that a finding that is reported by Probely is sent to Jira and as soon as it is closed it will trigger a retest. If the finding is fixed, the Jira issue is kept close, otherwise it is reopened.
To connect Probely and your Jira Server, follow the instructions below. This should take you no more than 5 minutes.
1- Generate an RSA Public/Private Key Pair
Jira validates the identity of the Probely server by requiring the latter to use a certificate. You can use any RSA public/private key pair, so you can skip the generation if you want to use other pair.
When prompted for the details of the certificate, you can enter whatever you want, inclusive using the default values by just pressing enter.
openssl genrsa -out jira_privatekey.pem 2048
openssl req -newkey rsa:2048 -x509 -key jira_privatekey.pem -out jira_publickey.cer -days 1825
openssl pkcs8 -topk8 -nocrypt -in jira_privatekey.pem -out jira_privatekey.pcks8
openssl x509 -pubkey -noout -in jira_publickey.cer > jira_publickey.pem
2- Create a New Jira Application Link
- In Jira Server go to Gear Icon > Applications > Application Links.
https://app.probely.com/jira-server/as the application URL. Ignore the warning "No response was received from the URL you entered" and click continue.
- On the next dialog input the following:
- Application Name: Probely
- Application Type: Generic Application
- Service Provider Name: Probely
- Consumer key: doesn't mater the value but you'll need it later
- Shared secret: probely
- Request Token URL: https://app.probely.com/jira-server/
- Access Token URL: https://app.probely.com/jira-server/
- Authorize URL: https://app.probely.com/jira-server/
- Create incoming link: off
4. Click continue, you should now see Probely on your Application Links.
5. Edit the Probely Application Link (pencil icon on the right) and fill the Incoming Authentication form as follows:
- Consumer Key: Same key as in previous form
- Consumer Name: Probely
- Public Key: Public key created in the beginning (in the jira_publickey.pem file)
- Callback URL: https://app.probely.com/jira-server/callback/
- Allow 2-Legged OAuth: off
6. Click Save
3- Connect Probely
- In your Probely account go to the top right dropdown and click Settings
- Fill the Jira Server form as follows:
- Server URL: URL for your Jira Server instance
- Consumer Key: same as previous steps
- Consumer Secret: private key created at the beginning (in the jira_privatekey.pem file)
- Verify TLS: on (unless you know what you're doing)
3. Click Authorize
4. Click Allow to allow Probely to access you Jira Server
And it is done. Your Jira Server is now connected to your Probely account.
The next step is to configure the Probely targets that you want to synchronize. For each target you want to synchronize the findings, go to its Settings -> Integrations -> Jira Server and configure how they synchronize.
You can read more about the configuration here.