Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Link Jira Confluence HTTPS PRoxy NGINX

Xavier Ramon Vilamú
Xavier Ramon Vilamú February 21, 2020

Hello,
I used to have Jira with an HTTPS proxy and Confluence with HTTP. I have updated both services to the latest version and changed the proxy for a nginx in HTTPS. I had a problem with certificates but they are now fixed. The problem I'm having now is linking Jira and Confluence. The main directory is in the Jira and Confluence consult Jira. I have the following errors:
- Users do not connect: If I connect Jira and Confluence, through the HTTPS proxy. I have visibility between applications but users do not communicate because the connection messages are in HTTP. Proxy redirect HTTP to HTTPS.
- Applications do not connect: If I connect applications without the proxy, users can connect but the application sends HTTPS messages but does not respond. Jira and Conflunce only accept HTTP.

How do I configure Jira and Confluence to communicate correctly?

 

Thanks

 

Answer
Watch
Like Be the first to like this
988 views

1 answer

0 votes
JP _AC Bielefeld Leader_
JP _AC Bielefeld Leader_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 21, 2020

Hi,

did you try to delete the application links on both sides (Confluence, Jira) and then set them up again? Did you get any error messages doing that?

Best

JP

View More Comments
Xavier Ramon Vilamú
Xavier Ramon Vilamú February 21, 2020

Yes, I tried to establish communication Jira to Confluence and Confluence to Jira. But I have the same problem. I think the problem is that part of the communication is done with http and the other with https between Jira and Confluence. I need to define communication between applications use only HTTP or only HTTPS.

Thanks,

Like
JP _AC Bielefeld Leader_
JP _AC Bielefeld Leader_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 21, 2020

Hi,

as you're using a reverse proxy you can force a protocol change from http to https for both applications to make sure that the communication is always secured.

Some of our rules & conditions for access via port 80:

RewriteCond %{REQUEST_URI} !^/error/.* [NC]
RewriteCond %{REQUEST_URI} !^/confluence
RewriteRule ^(.*)$ https://OURSERVER/confluence/$1 [R=301,L]

You will need a similar setting for Jira.

You must ensure that users can only login using https.

Next step: Application link:

Our settings on the Jira server:

image.png 

Settings on Confluence server:

image.png 

For the user management, did you follow:

https://confluence.atlassian.com/doc/connecting-to-crowd-or-jira-for-user-management-229838465.html

Best

JP

Like
Xavier Ramon Vilamú
Xavier Ramon Vilamú February 24, 2020

Hi, 

Your rules and conditions is for Apache Proxy. Do you have the same rules to NGINX Proxy?

Thanks,

Like
JP _AC Bielefeld Leader_
JP _AC Bielefeld Leader_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
February 24, 2020

No

Like
Xavier Ramon Vilamú
Xavier Ramon Vilamú February 25, 2020

Hi, 

Finally, I create one iptable rule in each server to force HTTPS go to proxy.

  • Confluence server: sudo iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT -d [IP-confluence] --to-destination [IP-Proxy]:443
  • Jira server: sudo iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT -d [IP-jira] --to-destination [IP-Proxy]:443
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira Service Desk
Jira Service Management
TAGS
AUG Leaders

Atlassian Community Events

    See all events