Forums
Home Product Q&A Discussion groups Articles Ask a question Search
Learning
Events
Champions

Forums

Articles
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Product Q&A
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Need help with configuring Jira for SSL

Jonathon Kline
Jonathon Kline July 24, 2018

Hello, I need some help.  I have setup and installed Jira on my centos server.  It works well and I like it.  It'll be a huge help with my work.  However I am struggling to implement a reverse proxy to enable traffic over HTTPS. It all has to do with configuring the connectors in Tomcat with the server.xml configuration.  I don't know if I need to change the base connector, http, https or all 3. I have tried it multiple ways and I either get problems when I restart jira or I get a "bad gateway" when I go to the https version of the URL.

Answer
Watch
Like Be the first to like this
731 views

1 answer

1 vote
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 25, 2018

You will only need to modify a single Connector in the tomcat server.xml file to make this work with a reverse proxy.   Some admins elect to keep other connectors in place that use a different port in order to help troubleshoot some connectivity problems quickly with Jira.

Also, what are you using for the reverse proxy?  Is this Apache, Nginx, IIS, or a physical device like an F5, etc?   We might already have a documented guide for configuring both Jira and your proxy depending on what you are trying to use here.   We have a general guide for using Apache in Proxying Atlassian server applications with Apache HTTP Server (mod_proxy_http).

View More Comments
Jonathon Kline
Jonathon Kline July 25, 2018

I am attempting to use NGINX to create reverse proxy.  I would like to use it to forward traffic to 443 over https. 

Like
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
July 26, 2018

I'd recommend starting with the KB Integrating JIRA with Nginx

In this case, Jira doesn't need to be running on port 443, in most cases Jira would use a port like 8080 on its end.  However you could configure the nginx to listen on 443, use HTTPS, and in turn forward its traffic to this Jira connector.

I also found a more comprehensive guide for using SSL with nginx on one of our vendor's blogs, check out https://blog.servicerocket.com/adoption/blog/2014/07/3-steps-in-set-up-nginx-as-proxy-server-for-atlassian-jira

It explains in more details the SSL configuration aspects here.

Like
Jonathon Kline
Jonathon Kline July 27, 2018

Great.  Thank you so much.  I will check this out.

Like
Jonathon Kline
Jonathon Kline July 27, 2018

OK.  I have tried this and I can't seem to get it to work. I've looked at both articles. 

When I change the connectors it doesn't seem to want to proxy through NGINX.  The KB recommends changing 3 connectors (Base, HTTP, HTTPS) where you have 3 ports to proxy over (8080, 8081, 8082).  When I go to create my nginx conf file I need to specify a proxy port under the location.  I keep getting a bad gateway status page.  

location / {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://localhost:8080;
    }

The various questions I have are:

1 - Do I only need one connector specified?  The KB specifics 3.  The vendor's specifics 1.  Neither work for me?

2 - What ports need to be open?  I am using centos.  Also, is there any problems with SELINUX here between tomcat and NGINX.  I ask because SELINUX messes stuff up at times.

3 - When I follow the vendors guidance it's much simplier and only has 1 connector but I can't get it to go.  But I know the ports will proxy because I have jira running normally on 8080.

Any help to narrow down my troubleshooting would be appreciated.

Like
Jonathon Kline
Jonathon Kline July 29, 2018

I finally got it.  Someone posted a solution that added some things from the links you shared above.  

https://www.justinsilver.com/technology/atlassian-jira-nginx-ssl-reverse-proxy/

lists a root directory for JIRA (  root   /opt/atlassian/jira;) and it uses an upstream gateway method of calling the proxy for TOMCAT.

upstream jira{

  server       127.0.0.1:8081 fail_timeout=0;

}

  proxy_pass        http://jira;

  }

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events
    Community
    Forums
    FAQs Forums guidelines
    Learning
    About learning Resources
    Events
    Champions
    Copyright © 2025 Atlassian
    Privacy Policy Notice at Collection Terms Security