Hipchat fqdn vs short name and broken search

Hi David, 

I'm not using any aliases for my hipchat instance. Let me explain:

FQDN is hipchat.example.com

Short name is hipchat

After I installed hipchat I can access both links. However under just hipchat search doesn't work and couple more thing s are broken. Is it possible to force application redirect all traffic to hipchat.example.com that people won't be able to use broken hipchat/ ?

Hi Sofya,

You can try setting a CNAME in DNS that redirects the 'short name' to the FQDN. 

Also, I'm still unsure how 'hipchat' directs to 'hipchat.example.com' out of the box without some sort of translation. 

But the reason by the 'short name' wouldn't work is because the server and client expect the FQDN since all traffic is routed through https and unless the 'short name' is listed as a SAN on the SSL certificate chain, then that request will fail.

You may want to try setting your FQDN inside the HipChat Server again using hipchat network -n HOST -d DOMAIN and see if that helps.

Cheers,
-David
HipChat Server/Data Center Support Engineer | Atlassian

I ran this command

hipchat network -n hipchat -d example.com 

hipchat email sender_domain is already configured: hipchat.com
Saving configuration
Updating system configuration, this may take a few minutes...

Completed

But nothing was changed in application behavior. 

I don't see any sense to create CNAME. Host already has hipchat.example.com name. it's not networking problem. It's an application problem.

I'm trying to do rewrite in nginx file but it doesn't have any effect either:

server {
listen 80;
server_name hipchat.example.com;

rewrite_log on;

rewrite ^ https://$server_name$request_uri? permanent;

# proxy_set_header 'X-HIPCHAT-GROUP' '';
# proxy_set_header 'X-HIPCHAT-USER' '';
# proxy_set_header 'X-HIPCHAT-REQUEST' '';
# proxy_set_header 'X-HIPCHAT-REQUEST' 'public';

# set $hipchat_request_is public;

include includes/web-site;
include includes/files-site;
# Require direct https or upstream https from load balancer
}

# https://www.owasp.org/index.php/HTTP_Strict_Transport_Security
server {
listen 443 ssl;
server_name hipchat.example.com
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_session_cache shared:SSL:10m;
ssl_dhparam /hipchat/config/dhparams.pem;

ssl_certificate /hipchat/certs/star_hipchat_com_chain.crt;
ssl_certificate_key /hipchat/certs/star_hipchat_com.key;

add_header Strict-Transport-Security "max-age=31536000";

# proxy_set_header 'X-HIPCHAT-GROUP' '';
# proxy_set_header 'X-HIPCHAT-USER' '';

# proxy_set_header 'X-HIPCHAT-REQUEST' '';
# proxy_set_header 'X-HIPCHAT-REQUEST' 'public';

# set $hipchat_request_is public;

include includes/web-site;
include includes/files-site;
}

But it doesn't redirect traffic to the FQDN. 

Any ideas?

Thank you!

Hi Sofya,

As I stated previously, HipChat Server or Data Center doesn't support context paths or alias natively, so the behavior from using 'short name' falls within this scope.

Additionally, it is not advised that you modify the embedded NGINX configuration files inside HipChat Server, as this could further exacerbate problems.

I'm assuming that when you mention hipchat.example.com as your FQDN, you're not really using hipchat.example.com (as that's just a place holder) and you're substituting an actual hostname and domain complete with valid SSL certificate.

Cheers,
-David
HipChat Server/Data Center Support Engineer | Atlassian

Hi David,

Of course I'm not using hipchat.example.com It's just a substitute. 

I feel like it's a hipchat Server/ Data Center bug at this point.  I don't want to use short name for hipchat, but it's there and hipcha users use it and complain when it doesn't work properly. I think it should not be there at all, Developers should modify nginx server files to fix it. 

Thank you.