User Settings - S/Notify for Jira
Using an S/Notify release before version 4.0? Then please refer to Earlier Versions for the appropriate documentation.
Jira Service Management (formerly known as Jira Service Desk)
Customers in Jira Service Management (JSM) are treated differently from fully-fledged Jira users. Not only can they access Jira only from the service portal, but they also have limited user profile. That's why, on this page, the Jira user profile is explained separately from the JSM customer profile.
Jira User Profile
Users can display and optionally manage their own public S/MIME certificate and/or PGP key that is used for encrypting emails sent to them. The upload option is only available if enabled by the administrator in User Key Management.
Email Security
In each user's profile, S/Notify adds a section for Email Security that displays information about the selected S/MIME certificate and/or PGP key, if available yet. The field Origin provides information about how the certificate or key has been provided – from the user profile or from the key store, key server or LDAP server.
Note that certificates and keys are retrieved only when they are needed to encrypt an outgoing email, so the information displayed here will not be available until then.
When S/Notify has been configured in Encryption Settings to allow user override, users can click the edit symbol to upload their own public S/MIME certificate and/or PGP key.
Note that, if S/Notify has been configured to use S/MIME only or PGP only, the respective other section is hidden from the user profile.
S/MIME
This section displays information about the user's S/MIME certificate.
To upload an S/MIME certificate, hit the edit symbol. Make sure you select S/MIME, then provide an S/MIME certificate file in PEM or DER format to upload.
PEM is a base-64 encoded text format, DER is a binary format. Suitable certificate files usually have one of the following file name suffixes: pem, der, cer, crt. A file name suffix p12 is not suitable. This is used to export private certificates which we do not want in this case.
Note that only the user's public certificate key is required. Therefore, it does not induce any security risk to upload the public certificate key.
PGP
This section displays information about the user's PGP key.
To upload a PGP key, hit the edit symbol. Make sure you select PGP, then provide a PGP key file in ASCII-armored or GPG binary export format.
Note that only the user's public key is required. Therefore, it does not induce any security risk to upload the public PGP key.
JSM Customer Profile
The following applies only if you have Jira Service Management (formerly known as Jira Service Desk) installed.
JSM customers are not fully-fledged Jira users, and their access is limited to the customer portal. Nonetheless, S/Notify allows them display and optionally manage their own public S/MIME certificate and/or PGP key that is used for encrypting emails sent to them. The upload option is only available if enabled by the administrator in User Key Management where a separate entry is available for JSM customers.
Email Security
In each JSM customer's profile, S/Notify adds a section for Email Security that displays information about the selected S/MIME certificate and/or PGP key, if available yet (scroll down to view). The field Origin provides information about how the certificate or key has been provided.
When S/Notify has been configured in Encryption Settings to allow JSM customer override, they can click Edit Email Security under options on the upper right to upload their own public S/MIME certificate and/or PGP key.
Note that, if S/Notify has been configured to use S/MIME only or PGP only, the respective other section is hidden from the JSM customer profile.
S/MIME
This section displays information about the user's S/MIME certificate.
To upload an S/MIME certificate, click the Edit Email Security link. A popup will appear that allows you to upload a file or remove an existing certificate. Make sure you select S/MIME, then provide an S/MIME certificate file in PEM or DER format to upload.
PEM is a base-64 encoded text format, DER is a binary format. Suitable certificate files usually have one of the following file name suffixes: pem, der, cer, crt. A file name suffix p12 is not suitable. This is used to export private certificates which we do not want in this case.
Note that only the user's public certificate key is required. Therefore, it does not induce any security risk to upload the public certificate key.
PGP
This section displays information about the user's PGP key.
To upload a PGP key, click the Edit Email Security link. A popup will appear that allows you to upload a file or remove an existing key. Make sure you select PGP, then provide a PGP key file in ASCII-armored or GPG binary export format.
Note that only the user's public key is required. Therefore, it does not induce any security risk to upload the public PGP key.