Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to create Application Link betwwen Bitbucket/Jira/Confluence(Cross reverse proxy)?

Xiao Li
Xiao Li April 9, 2018

We have two servers, and installed several Atlassian products:

Server #1: dms.server.com, Ubuntu v16.04.4, local Posgresql v9.5.173

Server #2: code.server.com, , Ubuntu v16.04.4, local Posgresql v9.5.173

Detail configuration at the bottom。

Now, we can provide these app for users like this:

In Jira or Confluence, we can't create Application Link use the url like "https://dms.server.com/jira" or "https://dms.server.com/wiki", the system responds this:

No response was received from the URL you entered - it may not be valid. Please fix the URL below, if needed, and click Continue.

While I use the url like "http://dms.server.com:8092/wiki" in Jira to create AppLink , the system responds this:

Confirm URLs

The Application URL is different to the Display URL

Confirm that this is correct or change the Application URL below.

The Application URL should only be different to the Display URL if your application cannot access the internet directly (e.g. behind a firewall or proxy).

Application URL http://dms.server.com:8092/wiki

This is the URL used to connect to the remote application from this server.

Display URL https://dms.server.com/wiki

The display URL is used when rendering links to the application in the user's browser.

And in next step, Confluence can't auto-create reciprocal link for Jira.

Unable to create reciprocal link

It has not been possible to retrieve the required information from https://dms.totalcare.com/jira. Therefore the link cannot be created.

Click Continue to be redirected back to https://dms.totalcare.com/jira.

Click Close to remain here.

We have tried create separate AppLink both in Jira(use http://dms.server.com:8092/wiki) and Confluence(use http://dms.server.com:8082/jira), the AppLink works fine. But while we try between Jira & BitBucket, it wasn't success.

Now, can you give me a guide about how to create Applink between several Atlassian applications cross the Nginx Reverse Proxy? Thank you very much!


Best Regards
===========================
Xiao Li, System Admin

Server 1#:dms.server.com configuration


===JIRA===========================================
/opt/atlassian/jira/conf/server.xml

<Server port="8005" shutdown="SHUTDOWN">
......
<Service name="Catalina">
<Connector port="8080"
maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"
enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="8443"
acceptCount="100"
disableUploadTimeout="true"
bindOnInit="false"

proxyName="dms.server.com"
proxyPort="443"
scheme="https"
secure="true"
/>

<!-- Add Backup Service Port Connection -->
<Connector port="8082"
maxThreads="150"
minSpareThreads="10"
connectionTimeout="20000"
enableLookups="false"
acceptCount="10"
URIEncoding="UTF-8"
/>
<Engine name="Catalina" defaultHost="localhost">
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">

<Context path="/jira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">
......

===Confluence=====================================
/opt/atlassian/confluence/conf/server.xml

<Server port="8000" shutdown="SHUTDOWN" debug="0">
<Service name="Tomcat-Standalone">
<Connector port="8090" connectionTimeout="20000" redirectPort="8443"
maxThreads="48" minSpareThreads="10"
enableLookups="false" acceptCount="10" debug="0" URIEncoding="UTF-8"
protocol="org.apache.coyote.http11.Http11NioProtocol"

proxyName="dms.server.com"
proxyPort="443"
scheme="https"
secure="true"
/>

<Connector port="8092"
maxThreads="150"
minSpareThreads="10"
connectionTimeout="20000"
enableLookups="false"
acceptCount="10"
URIEncoding="UTF-8"
/>

<Engine name="Standalone" defaultHost="localhost" debug="0">

<Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="/wiki" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
......

===Nginx==========================================
/etc/nginx/sites-enabled/Atlassian_ReverseSecProxy

server {
listen 80 default_server;
server_tokens off;
server_name _;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
server_tokens off;
server_name dms dms.server.com;
ssl_certificate /etc/ssl/certs/server.com.pem;
ssl_certificate_key /etc/ssl/private/server.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
root /var/www/dms;
index index.html;
# Resource respond method
location / {
try_files $uri $uri/ =404;
}
# Deny security file access
location ~ /\.ht {
deny all;
}
location /jira {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://dms.server.com:8080/jira;
client_max_body_size 300M;
}
location /wiki {
client_max_body_size 300M;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://dms.server.com:8090/wiki;
}
location /synchrony {
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://localhost:8091/synchrony;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}



Server #2: code.server.com configuration

===Bitbucket======================================

/var/atlassian/application-data/bitbucket/shared/bitbucket.properties

#>*******************************************************
#> Migrated to database at jdbc:postgresql://localhost:5432/bitbucket
#> Updated on 2018-04-03T16:58:44.261+08:00
#>*******************************************************
jdbc.driver=org.postgresql.Driver
jdbc.url=jdbc:postgresql://localhost:5432/bitbucket
jdbc.user=jiradbo
jdbc.password=password
server.port=7990

server.secure=true
server.scheme=https
server.proxy-port=443
server.proxy-name=code.server.com
server.context-path=/bitbucket

server.additional-connector.1.port=7995

===Nginx==========================================
/etc/nginx/sites-enabled/Atlassian_ReverseSecProxy

server {
listen 80 default_server;
server_tokens off;
server_name _;
return 301 https://$host$request_uri;
}

server {
listen 443 ssl;
server_tokens off;
server_name dms dms.server.com;
ssl_certificate /etc/ssl/certs/server.com.pem;
ssl_certificate_key /etc/ssl/private/server.com.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
root /var/www/dms;
index index.html;
# Resource respond method
location / {
try_files $uri $uri/ =404;
}
# Deny security file access
location ~ /\.ht {
deny all;
}
location /bitbucket {
proxy_pass http://code.server.com:7990/bitbucket;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
}

}

 

Answer
Watch
Like Be the first to like this
2433 views

2 answers

0 votes
Zamba Lee
Zamba Lee April 10, 2018

The problem have been resolved. the reason is Wrong SSL ceritificate.

  • Check log file

I checked the log file of bitbucket(/var/atlassian/application-data/bitbucket/log/atlassian-bitbucket.log)find out like bellow, and the similar errors appear in the Jira log file。

2018-04-11 13:18:45,923 ERROR [http-nio-7990-exec-6] code-admin @1DEJJUCx798x47x0 rjcdxn 10.0.2.177,127.0.0.1 "GET /rest/applinks/3.0/applicationlinkForm/manifest.json HTTP/1.0" c.a.a.c.r.u.CreateApplicationLinkUIResource ManifestNotFoundException thrown while retrieving manifest
com.atlassian.applinks.spi.manifest.ManifestNotFoundException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.atlassian.applinks.core.manifest.AppLinksManifestDownloader.doDownload(AppLinksManifestDownloader.java:198)

......

  • Check the certificate which Nginx use

I found out that the cert configure in nginx, file "server.com.pem", ONLY have the server's self certificate, not include Root CA and Intermediate CA Certificates. So I just put the rootCA&IntermediateCA's certs in the file of "server.com.pem".

  • Restart Nginx

While Restart the Nginx, All Atlassian Apps can create Application Link use the NICE url like https://dms.server.com/jira, https://code.server.com/bitbucket, etc.

And Thanks for ur responds! @Gonchik Tsymzhitov

 

Best Regards

Xiao Li

View More Comments
Zamba Lee
Zamba Lee April 10, 2018

Bye the way, the file of "server.com.pem" must have this format:

-----BEGIN CERTIFICATE-----
   ......

   Server‘s Certificate
   ......

-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
   ......

   Intermediate CA Certificate
   ......

-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
   ......

   Root CA Certificate
   ......

-----END CERTIFICATE-----
Like
Gonchik Tsymzhitov
Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 11, 2018

My congratulations!

 

Like
Reply
0 votes
Gonchik Tsymzhitov
Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 9, 2018

Hi! 

 

Could you set for this parameter:

proxy_pass http://127.0.0.1:7990/bitbucket;

instead of

proxy_pass http://code.server.com:7990/bitbucket;

 

And the just enter in application link configuration the base url from jira in bitbucket interface.

 

Cheers,

Gonchik Tsymzhitov

View More Comments
Zamba Lee
Zamba Lee April 9, 2018

Thanks for ur help!

I just tried, but still got the same wrong:

 

  • Change the Nginx cfg:

Nginx cfg.JPG

 

  • Restart service of Nginx;
  • Verify Jira base URL

jira-baseURL.JPG

Creat Applink in Bitbucket.JPG

 

Creat Applink in Bitbucket 2.JPGCreat Applink in Bitbucket 3.JPGCreat Applink in Bitbucket 4.JPG

  • Finnal result

Bitbucket have one “Config Error” link, and Jira still empty...

result-01.JPGresult-02.JPG

 

Like
Gonchik Tsymzhitov
Gonchik Tsymzhitov
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
April 10, 2018

Okay, 

 

Could you check from both servers firewalls? 

I mean some telnet tms.totalcare.com 8082 and 443 port? 

Also it will be nice if you check access_log and error_log in nginx. 

 

Cheers,

Gonchik

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events