IIS as reverse proxy, URL-rewrite

I'm currently working on migrating a jira instance and have been banging my head against a wall for a day now. Hopefully someone can point me to what I am doing wrong, because I cannot understand what's going on.

My setup.

1. IIS is bound to (443 jira.mydomain.com https) and redirects to http://localhost:8383/ - my reasoning being that it shouldn't be necessary to setup SSL between IIS and Apace/Tomcat, as they reside on the same physical server.

2. jira has been setup with the Base URL: https://jira.mydomain.com and I have edited server.xml so that the connector tag, looks like this:

<Connector acceptCount="100" bindOnInit="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8383" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" scheme="https" secure="true" />

What happens when browsing:

The jira-instance responds just fine, giving me a nice green lock in FireFox. The certificate is the correct one, as set up in IIS. However, as soon as a user is logged in, the green lock suddenly turns yellow. From then on, one has to switch to http to do anything.

The error/warning I get in FireFox is: "Parts of this page is not secure (such as images)." There's a link to "Mixed Content Blocking" - but I cannot say it brings me any closer to a solution.

I'm really confused now, since I have done this exact setup for other applications before, without any trouble. If anyone has ANY input to point me in the right direction, it would be highly apprechiated!

 

1 answer

Tomcat needs to know that it`s bein SSL proxied

Try adding to server.xml

proxyName="issues.example.com" proxyPort="443" scheme="https" secure="true"

 

-Lars

Thank you for your reply!

That seems to have done the trick! Strange thing is that I tried this exact thing yesterday. Couldn't make it work, so I removed the settings "proxyname" and "proxyport" since a colleague has a working setup without those settings.

I'm a little embarrased to say, but I think I have figured out what I did wrong. I probably forgot to restart the Jira-instance, restarting the IIS-application instead. Mondays, gotta love em!

Suggest an answer

Log in or Sign up to answer
Atlassian Community Anniversary

Happy Anniversary, Atlassian Community!

This community is celebrating its one-year anniversary and Atlassian co-founder Mike Cannon-Brookes has all the feels.

Read more
Community showcase
Sarah Schuster
Posted Mar 28, 2018 in Jira Software

Can a company’s culture make or break agile adoption?

Can a new-to-agile team survive and thrive in a non-agile culture? If so, what advice would you give to those trying to be agile in a non-agile culture? What's the key(s) to success? Share your thoug...

12,041 views 15 13
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you