I'm running both Bitbucket Server and JIRA Server (v7.2.5#72007-sha1:61b1848) behind an nginx proxy on Windows Server 2012 R2. Neither the Bitbucket nor the JIRA Tomcat configs are running https, just http. However, the proxied connection through nginx is using TLS and exposing https to the WAN side. Only the intra-host traffic between nginx and Tomcat is unsecured.
This works very well with Bitbucket. I get a nice green lock icon in the URL bar and no complaints from Chrome. With JIRA, however, Chrome complains that "This page is trying to load scripts from unauthenticated sources", and the Chrome developer tools indicates "Mixed Content: The page at https://our.dev.server/jira/secure/Dashboard.jspa' was loaded over HTTPS, but requested an insecure image 'http://our.dev.server/jira/images/icons/priorities/medium.svg'. This content should also be served over HTTPS."
Concrete example: If I look at the page source in Bitbucket, here is how my avatar image URL is rendered:
But in JIRA, it's "<img src="http://our.dev.server/jira/secure/useravatar?size=small&ownerId=david&avatarId=10500".
And, yes, I've set the Base URL in the JIRA System settings to use https: "https://our.dev.server/jira".
I've followed these directions, https://confluence.atlassian.com/jirakb/integrating-jira-with-nginx-426115340.html, using only the first Connector in 2., the Nginx Proxy Connector (since JIRA's Tomcat isn't using TLS).
Any ideas? Thanks.
Badges are a great way to show off community activity, whether you’re a newbie or a Champion.Learn more
A picture tells a thousand words. And agility boards have just released their latest feature: cover images on issues – so now your board can tell a story at first glance. Upload attachmen...
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs