Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,458,851
Community Members
 
Community Events
176
Community Groups

How to redirect http URL to https

How do I redirect HTTP requests to HTTPS? I have Jira installed on a Linux server. All I've done is edit the HTTPS portion in the server.xml file. My goal is that when users type 'http://jira.mydomain.com' in their browser, it redirects to 'https://jira.mydomain.com'. Right now, when they type 'http://jira.mydomain.com', it does bring them to Jira, but the page is unsecured & there's a mismatch warning/error at the bottom & they also can't login. As much help will greatly be appreciated.

 

==============================================================================================================
HTTPS - Proxying Jira via Apache or Nginx over HTTPS

If you're proxying traffic to Jira over HTTPS, uncomment the below connector and comment out the others.
Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.

See the following for more information:

Apache - https://confluence.atlassian.com/x/PTT3MQ
nginx - https://confluence.atlassian.com/x/DAFmGQ
==============================================================================================================
-->


<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
proxyName="jira.mydomain.com" proxyPort="443"/>

 

Above is the only thing I edited in the server.xml file.

1 answer

0 votes

@xela citnad 

 

Hi

did you also configure the connector for port 8443 (the one that you redirect to)

https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html will provide you additional insights.

 

In parallel you could also think of handling the https in front of tomcat at an apache or nginx acting as a reverse proxy https://confluence.atlassian.com/kb/securing-your-atlassian-applications-with-apache-using-ssl-838284349.html

Cheers

Kurt

Kurt, I don't think I have.  Looking at my server.xml file, all the connector ports seem to be 8080.  Is it simply as changing it to 8443?

@xela citnad 

Nope you will need one where you handle the http traffic (8080)

that will forward to the https one 8443 (that one will need to have a valid certificate in his truststore etc)

Cheers

Kurt

@Kurt Klinner so basically, this can't be done by simply changing values in the server.xml file?

No, if you would like to use https you will need to get a certificate in place, this is what https / ssl is all about. The first link i shared contains all the required steps to do so.

 

Personally speaking i think setting up ssl on apaache/nginx and having http traffic between the webserver  and the tomcat instance is way easier

Yep, I usually stick atlassian stuff behind a proxy. 

Redirects in those are trivial, you can set up a single line that catches "http://myjiraserver.com/ <everything>" and punts it over to https automatically.

@Kurt Klinner

I followed these instructions that you sent: https://confluence.atlassian.com/kb/securing-your-atlassian-applications-with-apache-using-ssl-838284349.html

However, now when I try to access 'http://jira.mydomain.com', I'm met wi/:

Jira is reporting that it is using the URL scheme 'https', which does not match the scheme used to run these diagnostics, 'http'. This is known to cause Jira to construct URLs using an incorrect hostname, which will result in errors in the dashboard, among other issues.

The most common cause of this is the use of a reverse-proxy HTTP(S) server (often Apache or IIS) in front of the application server running Jira. While this configuration is supported, some additional setup might be necessary in order to ensure that Jira detects the correct scheme.

 

Did I use the wrong connector?  I uncommented the 'HTTPS' connector in the server.xml file.

@xela citnad  can you share your server.xml? How is the base url for jira set

 

Cheers

Kurt

The base url is set inside the application, and in the web server.

The server.xml defines a "connector" which can can be read by a proxy or a load balancer, or directly by a browser.  The connector defines whether the app looks to https or http, but it does NOT have any way to do redirects, that's up to the site or proxy.

Suggest an answer

Log in or Sign up to answer
TAGS

Atlassian Community Events