Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Confluence / jira application links not working on SSL

Andy Preston
Andy Preston September 17, 2013

We have recently migrated our tomcat based applications to SSL

Confluence & Bamboo have no problem with application links but Jira & Stash are no longer able to link to the SSL applications.

On the applications links pages we get the message:

Application 'Confluence' seems to be offline. Click here to Relocate.
Application 'Jira' seems to be offline. Click here to Relocate.

These applications are able to do user verification through the Jira user directory over SSL and that works fine.

All aplications work fine over SSL in web browsers

We've imported a wildcard/chain certificate into the individual Unix users .keystore and into the trust keystore

We've configured tomcat via server.xml and web.xml to accept connections on their old non-SSL ports but to redirect to the new HTTPS/SSL ports.

The applications have had their base URL changed to reflect their use of HTTPS & the new ports.

Any suggestions and ideas would be greatly appreciated and any additional config details can be provided on request.

Answer
Watch
Like Be the first to like this
935 views

2 answers

1 accepted

5 votes
Answer accepted
Andy Preston
Andy Preston September 23, 2013

Thanks Henning... yes I did do that. In the end, I went for what turned out to be a much simpler option... and used Apache as a reverse proxy.

View More Comments
Henning Tietgens
Henning Tietgens
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 23, 2013

Maybe we should consider this, too. Is there a documantation in the web for this? Or maybe, are you willing to share your configuration?

Thanks,

Henning

Like
Henning Tietgens
Henning Tietgens
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
September 23, 2013

Ok, I found https://confluence.atlassian.com/display/JIRA/Configuring+Apache+Reverse+Proxy+Using+the+AJP+Protocol

Did you use this page to setup you servers?

Like
Andy Preston
Andy Preston September 25, 2013

No... I didn't use AJP.

There was some documentation somewhere on confluence.atlassian.com that I used to get me started.


But one of the things that made me abandon working with Tomcat & do an Apache reverse proxy is I've done a lot of Apache config anyway (My main job is as a PHP developer) so I just used my experience.

I'll see if I can post my config soon.

Like
Andy Preston
Andy Preston September 25, 2013 
Apache Config:


LoadModule rewrite_module modules/mod_rewrite.so

Listen 8080
NameVirtualHost *:8080

# We've got a mod_rewrite on port 8080 to redirect all our old links
# to the SSL port

<VirtualHost *:8080>
  ServerName example.example.com
  ServerAlias example
  RewriteEngine On
  RewriteRule ^(.*)$ https://example.example.com/$1 [QSA,R=301,L]
</VirtualHost>

# Jira's "official" port is 8080 but the proxy is using 8081
# See notes above for URL redirection for an explanation of this

LoadModule ssl_module modules/mod_ssl.so
Listen 443
NameVirtualHost *:443

<VirtualHost *:443>
  ServerName example.example.com
  ServerAlias example
  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^example$
  RewriteRule (.*) https://example.example.com/$1 [QSA,R=301,L]
  ProxyRequests Off
  <Proxy *>
    Order deny,allow
    Allow from all
  </Proxy>
  ProxyPass / http://example.example.com:8081/
  ProxyPassReverse / http://example.example.com:8081/
  SSLEngine on
  SSLProxyEngine on
  RequestHeader set Front-End-Https "On"
  BrowserMatch "MSIE [2-6]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
  BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
  SSLCertificateFile /etc/ssl/certs/example.example.com.pem
  SSLCertificateKeyFile /etc/ssl/certs/example.example.com.key
  SSLCertificateChainFile /etc/ssl/certs/chain.cer
</VirtualHost>


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              

              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
 Andy Preston  
 
 Andy Preston  September 25, 2013         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
Jira server.xml Connector spec:


<Connector
  port="8081"
  maxThreads="150"
  minSpareThreads="25"
  connectionTimeout="20000"
  enableLookups="false"
  maxHttpHeaderSize="8192"
  protocol="HTTP/1.1"
  useBodyEncodingForURI="true"
  scheme="https"
  proxyName="example.example.com"
  proxyPort="443"
  redirectPort="8443"
  acceptCount="100"
  disableUploadTimeout="true"
/>


 


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              

              



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			
		
			

 
 Andy Preston  
 
 Andy Preston  September 25, 2013         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
Jira server.conf "Connector" spec:


<Connector
  port="8081"
  maxThreads="150"
  minSpareThreads="25"
  connectionTimeout="20000"
  enableLookups="false"
  maxHttpHeaderSize="8192"
  protocol="HTTP/1.1"
  useBodyEncodingForURI="true"
  scheme="https"
  proxyName="buster.mathembedded.com"
  proxyPort="443"
  redirectPort="8443"
  acceptCount="100"
  disableUploadTimeout="true"
/>


 


 

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



  Like         
              


    

      Reply
    

      
 


      



        



	

	

	 
	
	
	 
	
	

	

	

	
		

			

			
	

	

		


	

	
		

			

				
					
		

			
 

			

				

					

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

		

			

	

		

			

	
		
			




 
      
 0  votes  
 
 
 
 
 
  
 
 
 
 

		
			

 
 Henning Tietgens  
 
 Henning Tietgens 
 Rising Star 
 
 
  
 Rising Star 
 
 Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders. 
 
 Get recognized 
 
 
   September 17, 2013         
 

		
	
	


		

	

		

			

	
		
			

		

	
		

			
				
					
					
						
Did you import the key chain of the other server into the Java keystore (cacerts) of the application? After that you have to restart the application.

					
				
			
			
			
				
			
			
			
			
			
			
		

		
		
	

	
	


	

		
	
	


		

	

		

			
		

	



		

	
				

			

			
 

		

	
				
				
			

		

	

	

	



	

	


	

	
	
	

	
		

	       	
	 

	
		
	

	       	
		

	



        



    

      Reply
    

      
 
  
    
  




  




 
Suggest an answer
 
 Log in or Sign up to answer 
 
  
		
			

		
			

		
	
	


		

			

	
		
			
		
			
		
			

   
 Jira 
  
 Jira Software 
  
 
TAGS
   


		
			

		
			
  
 
 
 
 AUG Leaders 
 
 
 
Atlassian Community Events
 
 
 
 
 
     
     See all events