By connecting Probely to your Jira Server, you can get the target scan results synchronized with a Jira project of your choice. This synchronization can be done automatically or manually, finding by finding.
The synchronization is bi-directional, meaning that a finding reported by Probely is sent to Jira, and as soon as it is closed, it will trigger a retest. If the finding is fixed, the Jira issue is kept close. Otherwise, it is reopened.
To connect Probely and your Jira Server, follow the instructions below. This should take you no more than 5 minutes.
1. Generate an RSA Public/Private Key Pair
Jira validates the identity of the Probely server by requiring the latter to use a certificate. You can use any RSA public/private key pair, so you can skip the generation if you want to use another pair.
When prompted for the certificate details, you can enter whatever you want, including using the default values by just pressing enter, except for the Common Name, where you have to enter something (anything will do).
openssl genrsa -out jira_privatekey.pem 2048
openssl req -newkey rsa:2048 -x509 -key jira_privatekey.pem -out jira_publickey.cer -days 1825
openssl pkcs8 -topk8 -nocrypt -in jira_privatekey.pem -out jira_privatekey.pcks8
openssl x509 -pubkey -noout -in jira_publickey.cer > jira_publickey.pem
2. Create a New Jira Application Link
In Jira Server, at the top right corner, go to Gear Icon > Applications and then click on Application Links under Integrations.
Enter
https://plus.probely.app/jira-server/
in the input field and then click Create new link.Ignore the warning "No response was received from the URL you entered" and click Continue.
On the next dialog, input the following:
Application Name: Probely
Application Type: Generic Application
Service Provider Name: Probely
Consumer key: doesn't matter the value, but you'll need it later
Shared secret: probely
Request Token URL:
https://plus.probely.app/jira-server/
Access Token URL:
https://plus.probely.app/jira-server/
Authorize URL:
https://plus.probely.app/jira-server/
4. Click Continue. You should now see Probely on your Application Links.
5. Edit the Probely Application Link (pencil icon on the right) and fill the Incoming Authentication form as follows:
Consumer Key: Same key as in the previous form
Consumer Name: Probely
Public Key: Public key created in the beginning (in the jira_publickey.pem file)
Callback URL:
https://plus.probely.app/jira-server/callback/
6. Click Save
3. Connect Probely
In your Probely account, go to the menu on the top right dropdown and click Settings
Fill out the Jira Server form as follows:
Server URL: URL for your Jira Server instance
Consumer Key: same as previous steps
Consumer Secret: private key created at the beginning (in the jira_privatekey.pem file)
Verify TLS: On (do not turn this option off without a very good reason)
3. Click Authorize
4. Click Allow to allow Probely to access your Jira Server
And it is done. Your Jira Server is now connected to your Probely account.
The next step is configuring the Probely targets you want to synchronize. For each target you want to synchronize the findings, go to its Target Settings -> Integrations -> Jira Server and configure how they synchronize.
You can read more about the configuration here.