I'm currently working on migrating a jira instance and have been banging my head against a wall for a day now. Hopefully someone can point me to what I am doing wrong, because I cannot understand what's going on.
My setup.
1. IIS is bound to (443 jira.mydomain.com https) and redirects to http://localhost:8383/ - my reasoning being that it shouldn't be necessary to setup SSL between IIS and Apace/Tomcat, as they reside on the same physical server.
2. jira has been setup with the Base URL: https://jira.mydomain.com and I have edited server.xml so that the connector tag, looks like this:
<Connector acceptCount="100" bindOnInit="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8383" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" scheme="https" secure="true" />
What happens when browsing:
The jira-instance responds just fine, giving me a nice green lock in FireFox. The certificate is the correct one, as set up in IIS. However, as soon as a user is logged in, the green lock suddenly turns yellow. From then on, one has to switch to http to do anything.
The error/warning I get in FireFox is: "Parts of this page is not secure (such as images)." There's a link to "Mixed Content Blocking" - but I cannot say it brings me any closer to a solution.
I'm really confused now, since I have done this exact setup for other applications before, without any trouble. If anyone has ANY input to point me in the right direction, it would be highly apprechiated!
Tomcat needs to know that it`s bein SSL proxied
Try adding to server.xml
proxyName="issues.example.com" proxyPort="443" scheme="https" secure="true"
-Lars
Thank you for your reply!
That seems to have done the trick! Strange thing is that I tried this exact thing yesterday. Couldn't make it work, so I removed the settings "proxyname" and "proxyport" since a colleague has a working setup without those settings.
I'm a little embarrased to say, but I think I have figured out what I did wrong. I probably forgot to restart the Jira-instance, restarting the IIS-application instead. Mondays, gotta love em!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.