I would like to ask your help for SSL configuration.
Our Bitbucket server uses reverse proxy server installed on the same server where Bitbucket is installed.
Problem is when I type 'http' in url instead of 'https', it doesn't re-direct but showing "https://localhost" in the url section with the error saying "this site can't be reached".
When I had the following configuration in VitualHost for port 80 and 443, it re-directed OK. But the problem that clone process also works with both 'https' and 'http'. I was expecting that using 'http' shouldn't work on cloning.
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
ProxyPass / http://localhost:7990/
ProxyPassReverse / http://localhost:7990/
</VirtualHost>
<VirtualHost *.443>
SSLEngine On
SSLCertificateFile /path/to/your/cert.pem
SSLCertificateKeyFile /path/to/your/privkey.pem
SSLCertificateChainFile /path/to/your/chain.pem
ProxyPass / http://localhost:7990/ connectiontimeout=5 timeout=300
ProxyPassReverse / http://localhost:7990/
</VirtualHost>
From the technote, https://confluence.atlassian.com/kb/securing-your-atlassian-applications-with-apache-using-ssl-838284349.html, it says that I need to use "Redirect Permanent" in VirtualHost port 80 instead of Proxy. So I followed as it says and face the issue that re-direct doesn't work.
I would appreciate if you can help me to resolve this issue.
-Chang
You'll need to change:
<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
ProxyPass / http://localhost:7990/
ProxyPassReverse / http://localhost:7990/
</VirtualHost>
to be something like:
<VirtualHost *:80>
Redirect 301 / https://your-public-url/
</VirtualHost>
(Change the your-public-url to your public url). I'm guessing that you've already tried this but it didn't work (based on your comment) - can you explain what didn't work about it?
Hi Daniel,
Thanks for your quick response. I changed VirtualHost for port 80 to the following as technote suggests, but it didn't work
First, I changed to
<VirtualHost *:80>
ServerName localhost
Redirect Permanent / https://localhost/
</VirtualHost>
But it didn't work, so I changed localhost with real hostname including domain name like
<VirtualHost *:80>
ServerName servername.subdomain.domain.com
Redirect Permanent / https://servername.subdomain.domain.com/
</VirtualHost>
But the result I see was same. none of them worked as expected.
So I don't know what I did wrong.
-Chang
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
That should work though. Can you restart Apache and do a curl -v http://public-host and tell us what the output is (feel free to anonymize things)
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Daniel,
Following is output. I changed real hostname and ip.
[parkc@server ~]$ curl -v http://server.sub.domain.com
* About to connect() to server.sub.domain.com port 80 (#0)
* Trying 100.10.1.70... connected
* Connected to server.sub.domain.com (100.10.1.70) port 80 (#0)
> GET / HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zl ib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: server.sub.domain.com
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
< Date: Tue, 07 Nov 2017 23:59:17 GMT
< Server: Apache/2.2.15 (Red Hat)
< Location: https://server.sub.domain.com/
< Content-Length: 332
< Connection: close
< Content-Type: text/html; charset=iso-8859-1
<
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>301 Moved Permanently</title>
</head><body>
<h1>Moved Permanently</h1>
<p>The document has moved <a href="https://server.sub.domain.com/">here</a>.< /p>
<hr>
<address>Apache/2.2.15 (Red Hat) Server at server.sub.domain.com Port 80</add ress>
</body></html>
* Closing connection #0
Thanks,
Chang
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Well that’s doing the redirect correctly. What are you seeing in a browser (and which browser)? Because looking at that if you go to http://hostname you’ll end up on https://hostname.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Assuming fully qualified host name is server.sub.domain.com. Then when I type, http://server.sub.domain.com in url section, it re-directs to url https://localhost and error message in the contect instead of https://server.sub.domain.com.
I used Google Chrome.
Thanks,
Chang
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.