Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

IIS / Tomcat Proxy results in Error Parsing HTTP Request Header

Logan Kitchen December 14, 2022

Unfortunately, our organization uses Microsoft servers exclusively. Consequently I have to deploy JIRA Data Center on one of our servers and then proxy it with IIS to make it accessible.

My first attempt was using AJP Protocol, but that wasn't working out and looked to be rather old documentation, so I looked for more recent articles.

I followed the instructions here for setting up a proxy, but am still running into a communication error between IIS and Tomcat. I think my issue has to do with SSL problems where one part is https and the other is http. We have a certificate for our site and are wanting to use https.

Another possible culprit is something leftover from the AJP setup, but I went in reverse order and undid what steps I could.

Here are the relevant sections of my Tomcat server.xml:

<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="true" scheme="https"
proxyName="<application>.<organization-name>.com" proxyPort="443"/>


<Engine name="Catalina" defaultHost="localhost">
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">

<Context path="" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">
<Resource name="UserTransaction" auth="Container" type="javax.transaction.UserTransaction"
factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60"/>
<Manager pathname=""/>
<JarScanner scanManifest="false"/>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="120" />

<Valve className="org.apache.catalina.valves.AccessLogValve"
pattern="%a %{}r %{jira.request.username}r %t &quot;%m %U%{sanitized.query}r %H&quot; %s %b %D &quot;%{sanitized.referer}r&quot; &quot;%{User-Agent}i&quot; &quot;%{}r&quot;"/>


My IIS Settings are all according to the article as best as I can tell:

ARR Proxy enabled with HTTP/1.1. Reverse rewrite host unchecked (also tried it checked)

Enable Cache and Enable kernel cache unchecked

Application Pool "Atlassian Services" with .NET CLR version: No Managed Code

IIS site of <application>.<organization-name>.com linked to above pool:

    Two URL Rewrite Rules:

  1. HTTP to HTTPS redirect ( wildcard pattern: *; conditions: {HTTPS}, Matches the Pattern, off; Redirect URL: https://{HTTP_HOST}/{R:1}) 
  2. 2. JIRA URL Rewrite ( pattern: (.*); Rewrite URL: https://<application>.<organization-name>.com/{R:1}; Append query string: checked; stop processing of subsequent rules: checked) 

    Request Filtering allows double escaping


I also added long url support in the registry as well.


The only JIRA setting I changed was the base url to https://<application>.<organization-name>.com.

Can anyone give me some direction here? Thanks!


0 answers

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events