Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Join now to unlock these features and more

How to redirect http URL to https

xela citnad
xela citnad Jul 27, 2021

How do I redirect HTTP requests to HTTPS? I have Jira installed on a Linux server. All I've done is edit the HTTPS portion in the server.xml file. My goal is that when users type 'http://jira.mydomain.com' in their browser, it redirects to 'https://jira.mydomain.com'. Right now, when they type 'http://jira.mydomain.com', it does bring them to Jira, but the page is unsecured & there's a mismatch warning/error at the bottom & they also can't login. As much help will greatly be appreciated.

 

==============================================================================================================
HTTPS - Proxying Jira via Apache or Nginx over HTTPS

If you're proxying traffic to Jira over HTTPS, uncomment the below connector and comment out the others.
Ensure the proxyName and proxyPort are updated with the appropriate information if necessary as per the docs.

See the following for more information:

Apache - https://confluence.atlassian.com/x/PTT3MQ
nginx - https://confluence.atlassian.com/x/DAFmGQ
==============================================================================================================
-->


<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
proxyName="jira.mydomain.com" proxyPort="443"/>

 

Above is the only thing I edited in the server.xml file.

Answer
Watch
Like Be the first to like this
3131 views

1 answer

0 votes
Kurt Klinner
Kurt Klinner
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Jul 27, 2021

@xela citnad 

 

Hi

did you also configure the connector for port 8443 (the one that you redirect to)

https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html will provide you additional insights.

 

In parallel you could also think of handling the https in front of tomcat at an apache or nginx acting as a reverse proxy https://confluence.atlassian.com/kb/securing-your-atlassian-applications-with-apache-using-ssl-838284349.html

Cheers

Kurt

View More Comments
xela citnad
xela citnad Jul 27, 2021

Kurt, I don't think I have.  Looking at my server.xml file, all the connector ports seem to be 8080.  Is it simply as changing it to 8443?

Like
Kurt Klinner
Kurt Klinner
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Jul 27, 2021

@xela citnad 

Nope you will need one where you handle the http traffic (8080)

that will forward to the https one 8443 (that one will need to have a valid certificate in his truststore etc)

Cheers

Kurt

Like
xela citnad
xela citnad Jul 27, 2021

@Kurt Klinner so basically, this can't be done by simply changing values in the server.xml file?

Like
Kurt Klinner
Kurt Klinner
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Jul 27, 2021

No, if you would like to use https you will need to get a certificate in place, this is what https / ssl is all about. The first link i shared contains all the required steps to do so.

 

Personally speaking i think setting up ssl on apaache/nginx and having http traffic between the webserver  and the tomcat instance is way easier

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Jul 27, 2021

Yep, I usually stick atlassian stuff behind a proxy. 

Redirects in those are trivial, you can set up a single line that catches "http://myjiraserver.com/ <everything>" and punts it over to https automatically.

Like
xela citnad
xela citnad Jul 28, 2021

@Kurt Klinner

I followed these instructions that you sent: https://confluence.atlassian.com/kb/securing-your-atlassian-applications-with-apache-using-ssl-838284349.html

However, now when I try to access 'http://jira.mydomain.com', I'm met wi/:

Jira is reporting that it is using the URL scheme 'https', which does not match the scheme used to run these diagnostics, 'http'. This is known to cause Jira to construct URLs using an incorrect hostname, which will result in errors in the dashboard, among other issues.

The most common cause of this is the use of a reverse-proxy HTTP(S) server (often Apache or IIS) in front of the application server running Jira. While this configuration is supported, some additional setup might be necessary in order to ensure that Jira detects the correct scheme.

 

Did I use the wrong connector?  I uncommented the 'HTTPS' connector in the server.xml file.

Like
Kurt Klinner
Kurt Klinner
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
Jul 31, 2021

@xela citnad  can you share your server.xml? How is the base url for jira set

 

Cheers

Kurt

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
Jul 31, 2021

The base url is set inside the application, and in the web server.

The server.xml defines a "connector" which can can be read by a proxy or a load balancer, or directly by a browser.  The connector defines whether the app looks to https or http, but it does NOT have any way to do redirects, that's up to the site or proxy.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Core
Jira Core Server
TAGS
AUG Leaders

Atlassian Community Events

See all events