Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Tomcat misconfigured due to requests for special characters (2018)

brianchew
brianchew December 22, 2018

Hello all, super new to Jira and tomcat, but I managed to follow a guide and quickly install SSL, the redirect works, but after following the documentation to add these

Add relaxedPathChars="[]|" relaxedQueryChars="[]|{}^\`"<>" to the connector properties in server.xml

It seems like my Jira software is still telling me what the picture says

Screenshot 2018-12-22 at 10.09.31 PM.png

Do take note I am self-hosting, provided I have listed the logs from catalina.out, and my server.xml configuration files.

/opt/atlassian/jira/logs/catalina.out

2018-12-22 14:01:10,680 JIRA-Bootstrap ERROR      [c.a.j.health.checks.TomcatConfigurationHealthCheck]

    Required path chars: [ ] |

    Configured path chars: null []|

    Required query chars: [ ] | { } ^ \ ` " < >

    Configured query chars: null []|{}^\`"<>

 

2018-12-22 14:01:10,704 JIRA-Bootstrap ERROR      [c.a.jira.health.HealthChecks] Tomcat is misconfigured

2018-12-22 14:01:10,704 JIRA-Bootstrap ERROR      [c.a.jira.health.HealthChecks] The server.xml file is missing parameters needed by Jira to handle requests that contain special characters.

 

2018-12-22 14:01:10,704 JIRA-Bootstrap ERROR      [c.a.jira.startup.DefaultJiraLauncher] JIRA has failed to start because of the following errors: [(Event: Level = (EventLevel: error) , Key = (EventType:$

/opt/atlassian/jira/conf/sever.xml (my <Connector> sections)

 

 

        <Connector port="8080" 

                relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;"

                   maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"

                   maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"

                   acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>

 

        <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"

                maxHttpHeaderSize="8192" SSLEnabled="true"

                maxThreads="150" minSpareThreads="25"

                enableLookups="false" disableUploadTimeout="true"

                acceptCount="100" scheme="https" secure="true"

                sslEnabledProtocols="TLSv1.2,TLSv1.3"

                clientAuth="false" useBodyEncodingForURI="true"

                keyAlias="jira" keystoreFile="/usr/lib/jvm/java-11-openjdk-amd64/jira.jks"

                keystorePass="" keystoreType="JKS"/>

 I would greatly appreciate any help!

Answer
Watch
Like Be the first to like this
10859 views

1 answer

1 accepted

1 vote
Answer accepted
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 3, 2019

Hi Brian,

You need to do this for any connectors your instance is using, so both HTTP and HTTPS.

Can you stop Jira, add it to 8443 as well, and restart?

Regards,

Shannon

View More Comments
brianchew
brianchew January 5, 2019

Hey Shannon,

I managed to add this after I added the connectors for the instance.
It works and I forgot to update the answer.

 

Thank you!

Like
Shannon S
Shannon S
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
January 7, 2019

You're welcome! Glad to hear that's exactly what it was!

Regards,

Shannon

Like
Shirley Tsai
Shirley Tsai March 19, 2019

Great!! It also works for me.  Thank you.

Like Shannon S likes this
Amar
Amar January 8, 2020

@brianchew  

I am facing some issue , could you please share the latest server.xml view after adding connector ?

 

Thanks,

Like
Jy
Jy June 24, 2020

still facing some issue by following , tried this in https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html

what's the diff between HTTP/1.1 and protocol org.apache.coyote.http11.Http11NioProtocol



<Connector port="8080" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" 
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" redirectPort="8443"
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>


<Connector port="8443" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" 
maxThreads="150" minSpareThreads="25" connectionTimeout="20000" enableLookups="false"
maxHttpHeaderSize="8192" protocol="HTTP/1.1" useBodyEncodingForURI="true" 
acceptCount="100" disableUploadTimeout="true" bindOnInit="false"/>


<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
              maxHttpHeaderSize="8192" SSLEnabled="true"
              maxThreads="150" minSpareThreads="25"
              enableLookups="false" disableUploadTimeout="true"
              acceptCount="100" scheme="https" secure="true"
              sslEnabledProtocols="TLSv1.2,TLSv1.3"
              clientAuth="false" useBodyEncodingForURI="true"
              keyAlias="jira" keystoreFile="<Jira_HOME>/jira.jks" keystorePass="changeit" keystoreType="JKS"/>

 

Like
allant
allant November 7, 2020

this config I used and its working:

<Connector SSLEnabled="true" acceptCount="100" clientAuth="false" connectionTimeout="20000" disableUploadTimeout="true" enableLookups="false" keyAlias="jira" keystoreFile="path to *.jks" keystorePass="1" keystoreType="JKS" maxHttpHeaderSize="8192" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" scheme="https" secure="true" sslProtocol="TLS" useBodyEncodingForURI="true" relaxedPathChars="[]|" relaxedQueryChars="[]|{}^&#x5c;&#x60;&quot;&lt;&gt;" />

Add relaxedPathChars and relaxedQueryChars in SSL connector also. If both HTTP and HTTPS are enabled.

Base  from https://confluence.atlassian.com/adminjiraserver/running-jira-applications-over-ssl-or-https-938847764.html these relaxedPathChars and relaxedQueryChars settings are missing. 

Then restart Jira service.

Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events