I have a reverse proxy over SSL configured for Jira, Confluence and Bitbucket. Jira and Confluence work great. Bitbucket mostly works, but as stated in the title, I can't get Application Links to work properly to Bitbucket, and the top left Bitbucket logo directs to http://localhost:7990. Additionally, Bitbucket is reporting that the base URL is misconfigured, but it's set properly.
I saw this discussion which is identical to my problem, except they're hosting on nginx and I am using apache. Below are my configurations:
bitbucket.properties
server.secure=true
server.scheme=https
server.proxy-port=443
server.redirect-port=443
server.proxy-name=my.business.com
logging.logger.ROOT=DEBUG
logging.logger.com.atlassian.bitbucket=DEBUG
apache conf
<VirtualHost *:80>
ServerName my.business.com
Redirect Permanent / https://my.business.com
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName my.business.com
ProxyRequests Off
ProxyVia Off
RemoteIPHeader X-Forwarded-For
<Proxy *>
Require all granted
</Proxy>
ProxyPass / http://localhost:7990/
ProxyPassReverse / http://localhost:7990/
SSLCertificateFile /path/to/cert/certfile.pem
SSLCertificateKeyFile /path/to/cert/keyfile/keyfile.pem
Include /path/to/other/ssl/configuration/configuration.conf
</VirtualHost>
</IfModule>
Thanks so much in advance for your help!
EDIT: I've found that if I set the ProxyPass and ProxyPassReverse to the following:
ProxyPass / http://my.business.com:7990/
ProxyPassReverse / http://my.business.com:7990/
Then the Bitbucket logo link changes to "my.business.com:7990".
If I read correctly your edit, changing the config to the following resolved all issues:
ProxyPass / http://my.business.com:7990/
ProxyPassReverse / http://my.business.com:7990/
Is this right?
That would match our Securing your Atlassian applications with Apache using SSL documentation.
Cheers,
Caterina - Atlassian
Hi Jonas,
Which version of Bitbucket Server are you using?
Cheers,
Christian
Premier Support Engineer
Atlassian
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks for your reply, Christian.
My Bitbucket Server version is 5.11.1.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Jonas,
Your configuration looks good for Bitbucket Server 5 and newer - what is the Base URL set to?
Cheers,
Christian
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi @Jonas Dawson,
For 443 configuration. Try
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPreserveHost On
For SSL to work, you'll have to import the SSL certificate of Bitbucket and also the other application into the JVM running Bitbucket.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thank you for your reply, Edwin. We might be closer!
After adding this, whether I have localhost or the FQDN in the ProxyPass and ProxyPassReverse configurations, the link is now directing to "http://my.company.com". I'm still getting a base url error, presumably because the scheme is still incorrect.
Additionally, after making the above changes, the "/" is being omitted after the top level domain when navigating between pages, meaning that links are broken and read as follows: "https://my.company.comdashboard" or "https://my.colpany.comprojects".
I made no adjustments to the SSL configuration. Could that have an impact?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Not entirely sure, that's very odd. And yes that might have an impact.
Add as well
SSLEngine on
and try again.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.