Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Cloudlare SSL & NGINX

Edited

I have installed Jira then added Nginx as a reverse proxy so that the site is available at the default HTTP 80 port.

The Nginx configuration is fairly simple:

server {
    listen 80;
    server_name jira.domain.com;
    location / {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-Server $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
        proxy_pass http://127.0.0.1:8080;
        client_max_body_size 10M;
    }
} 

 and the Connector looks like this:


<Connector port="8080" maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" scheme="http"
proxyName="jira.domain.com" proxyPort="80"/>

The site is then accessed through Cloudflare which has Flexible SSL Enabled. Meaning I should be able to access https://jira.domain.com. 

It seems to be working fine, except for the fact that I get the following error message:

The Tomcat server.xml has an incorrect configuration:

scheme should be 'https'
proxyName should be 'jira.domain.com'
proxyPort should be '443'

Flexible SSL means the users will be able to access the site over HTTPS, but connections to the origin server will be made over HTTP. So why is Jira complaining about HTTPS? The secure connection is only between the user and Cloudflare. Nginx is receiving an HTTP Request. I guess there must be something that I'm missing.

1 answer

1 accepted

0 votes
Answer accepted

For anyone looking for the answer,  I managed to get it working by updating the connector:

<Connector port="8080" maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false" secure="false" scheme="https"
proxyName="jira.domain.com" proxyPort="443 />

The important part is secure="false" while at the same time using scheme="https" and proxyPort="443". The rest of the settings remain unchanged. So far it seems to be behaving as expected.

this is a magic

Suggest an answer

Log in or Sign up to answer
TAGS
Community showcase
Published in Jira Software

👋 Looking for 15-20 volunteers to test Atlassian training content

Hi everyone! Are you interested in beta testing Atlassian University’s newest (unreleased!) training course? We’re looking for 15-20 volunteers to test our newest training course, Basic reporting...

399 views 19 22
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you