IIS as reverse proxy, URL-rewrite

I'm currently working on migrating a jira instance and have been banging my head against a wall for a day now. Hopefully someone can point me to what I am doing wrong, because I cannot understand what's going on.

My setup.

1. IIS is bound to (443 jira.mydomain.com https) and redirects to http://localhost:8383/ - my reasoning being that it shouldn't be necessary to setup SSL between IIS and Apace/Tomcat, as they reside on the same physical server.

2. jira has been setup with the Base URL: https://jira.mydomain.com and I have edited server.xml so that the connector tag, looks like this:

<Connector acceptCount="100" bindOnInit="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" port="8383" protocol="HTTP/1.1" redirectPort="8443" useBodyEncodingForURI="true" scheme="https" secure="true" />

What happens when browsing:

The jira-instance responds just fine, giving me a nice green lock in FireFox. The certificate is the correct one, as set up in IIS. However, as soon as a user is logged in, the green lock suddenly turns yellow. From then on, one has to switch to http to do anything.

The error/warning I get in FireFox is: "Parts of this page is not secure (such as images)." There's a link to "Mixed Content Blocking" - but I cannot say it brings me any closer to a solution.

I'm really confused now, since I have done this exact setup for other applications before, without any trouble. If anyone has ANY input to point me in the right direction, it would be highly apprechiated!

 

1 answer

Tomcat needs to know that it`s bein SSL proxied

Try adding to server.xml

proxyName="issues.example.com" proxyPort="443" scheme="https" secure="true"

 

-Lars

Thank you for your reply!

That seems to have done the trick! Strange thing is that I tried this exact thing yesterday. Couldn't make it work, so I removed the settings "proxyname" and "proxyport" since a colleague has a working setup without those settings.

I'm a little embarrased to say, but I think I have figured out what I did wrong. I probably forgot to restart the Jira-instance, restarting the IIS-application instead. Mondays, gotta love em!

Suggest an answer

Log in or Join to answer
Community showcase
Teodora [Botron]
Published Thursday in Marketplace Apps

Jira Inferno: The Nine Circles of Jira Administration Hell

If you spend enough time as a Jira admin - whether you are managing a single, mid-sized instance, a large enterprise one or juggling multiple instances at once - you will eventually find yourself in ...

281 views 0 12
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you
Atlassian Team Tour

Join us on the Team Tour

We're bringing product updates and pro tips on teamwork to ten cities around the world.

Save your spot