Orange colored text describes functional differences in previous 3.x releases

...

The key store file must be in either of the following two formats:

  • PKCS#7 (recommended)
    This is a common format for exporting and transmitting public certificates. It can hold multiple certificates and is therefore often referred to as a p7 bundle – hence the commonly used file suffix p7b. It is defined in RFC 2315. Note that the file needs to be in DER-encoded (binary) format.
  • BouncyCastle 
    This format is usually represented by a file suffix of bks. It is supported mainly for backward compatibility reasons. The key store must be a BKS type BouncyCastle key store. For details on how to create such a key store, please refer to S/MIME

...

| Attribute | Format | Reference |
| --- | --- | --- |
| userSMIMECertificate | PKCS#7 (p7m) signed message format with single certificate or certificate chain | RFC 2315: PKCS #7: Cryptographic Message Syntax |
| userCertificate | DER binary (base-64 encoded) or PEM (ASCII encoded) single X.509 certificate | RFC 4523: LDAP Schema Definitions for X.509 Certificates |

...

S/Notify can optionally search for S/MIME certificates on an external LDAP server (outside Jira's configuration). 

Info: Personal Identifiable Information

Note that, in order to retrieve a user's S/MIME certificate, their email address needs to be sent to the server. If the LDAP server is outside your company's own infrastructure, you may be required to inform your users about this use of their email address, depending on your and/or your users' jurisdiction. Legislation around personal identifiable information (PII) varies across different jurisdictions (GDPR, HIPAA, PCI etc.), so please check what applies in your case.

Hostname

The domain of the LDAP server, excluding the protocol part.

...

The key store file must be in either of the following two formats:

  • ASCII-Armored
    This format is a common format used to export and transmit public keys. It is, as the name implies, encoded fully in ASCII. Usual file endings are: asc, txt
  • PGP Binary
    PGP binary file format. Usual file endings are: pgp, gpg, pkr
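
A pre-flight check for the two key store uploads described above: the S/MIME PKCS#7 file, which must be DER-encoded, and the PGP file, which may be ASCII-armored or binary. This is an added example, not part of S/Notify or its documentation; the function names, return labels and sample bytes are constructed for illustration. It inspects header bytes only, so it does not validate the certificates or keys inside, and a BKS key store is reported as unknown.

```python
import base64
import re

# DER bytes of OID 1.2.840.113549.1.7.2 (PKCS#7 signedData, RFC 2315).
SIGNED_DATA_OID = bytes.fromhex("06092a864886f70d010702")
PEM_BLOCK = re.compile(rb"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)-----END \1-----", re.S)
# Constructed stub, not a usable bundle: SEQUENCE { signedData OID, empty [0] }.
SAMPLE_DER = bytes.fromhex("300d") + SIGNED_DATA_OID + bytes.fromhex("a000")
SAMPLE_PEM = b"-----BEGIN PKCS7-----\n" + base64.b64encode(SAMPLE_DER) + b"\n-----END PKCS7-----\n"

def is_der_pkcs7(data: bytes) -> bool:
    """True if data is one definite-length SEQUENCE starting with the signedData OID."""
    if len(data) < 2 or data[0] != 0x30:
        return False
    if data[1] < 0x80:                    # short-form length
        header, length = 2, data[1]
    else:                                 # long form: low 7 bits count the length octets
        n = data[1] & 0x7F
        if n == 0 or n > 4 or len(data) < 2 + n:
            return False                  # 0x80 is BER indefinite length, not DER
        header, length = 2 + n, int.from_bytes(data[2:2 + n], "big")
    if header + length != len(data):      # truncated file or trailing bytes
        return False
    return data[header:header + len(SIGNED_DATA_OID)] == SIGNED_DATA_OID

def pem_to_der(data: bytes) -> bytes:
    """Base64-decode the body of the first PEM block (intended for PKCS7 blocks)."""
    match = PEM_BLOCK.search(data)
    if match is None:
        raise ValueError("no PEM block found")
    return base64.b64decode(match.group(2))

def classify_key_store(data: bytes) -> str:
    """Label the encoding of a key store file; the labels are this example's own."""
    if is_der_pkcs7(data):
        return "pkcs7-der"
    match = PEM_BLOCK.search(data)
    if match:
        if match.group(1) == b"PGP PUBLIC KEY BLOCK":
            return "pgp-ascii-armored"
        if match.group(1) == b"PKCS7" and is_der_pkcs7(pem_to_der(data)):
            return "pkcs7-pem"            # re-export as DER before uploading
        return "unknown"
    # Binary OpenPGP keyring: first packet is a public key (tag 6), RFC 4880 sec. 4.2.
    # Old-format header is 0x98 | length-type (0..2); new-format header is 0xC6.
    if data[:1] in (b"\x98", b"\x99", b"\x9a", b"\xc6"):
        return "pgp-binary"
    return "unknown"
```

A result of `pkcs7-pem` means the bundle was exported in text form and should be converted (for instance with `pem_to_der`) before it is used as the S/MIME key store.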

...

In this section of the S/Notify configuration settings, you can provide a URL to a PGP key server that will be searched for the PGP keys used for encryption.

Info: Personal Identifiable Information

Note that, in order to retrieve a user's PGP key, their email address needs to be sent to the server. If the key server is outside your company's own infrastructure, you may be required to inform your users about this use of their email address, depending on your and/or your users' jurisdiction. Legislation around personal identifiable information (PII) varies across different jurisdictions (GDPR, HIPAA, PCI etc.), so please check what applies in your case.

Key server location

Provide the URL to an HKP or LDAP key server. Use this setting to administer PGP keys centrally instead of requiring each user to provide his or her own PGP key.

...