Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to Intergrate JIRA 6 with Apache SSL

Mike Ellis5
Mike Ellis October 28, 2014

Hello All,

I am trying to terminate my SSL connections to JIRA at Apache, I have walked through each step of https://confluence.atlassian.com/display/JIRA/Integrating+JIRA+with+Apache+using+SSL in an effort to get this working.  I am not clear on how this needs done from the article however.  I need my JIRA site to be accessible at https://linux6898.anprod.com for example, when I setup according to the above referenced article, I get the Apache test page, with the Rewrite rules omitted I get a 404 error as JIRA is redirecting to https://linux6898.anprod.com/secure/MyJiraHome.jspa.

Any help or additional guidance would be greatly appreciated.

 

Thanks in advance, let me know what else will help in troubleshooting,

 

-Mike

    • Connector from server.xml:

      <Service name="Catalina">

        <Connector port="8080"
                   scheme="https"
                   proxyName="linux6898.anprod.com"
                   proxyPort="443"
                   secure="true"
                   maxThreads="150"
                   minSpareThreads="25"
                   connectionTimeout="20000"
                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="8443"
                   acceptCount="100"
                   disableUploadTimeout="true"/>

    • Apache VirtualHost configuration:

      ## JIRA Proxy VirtualHost Configuration
<VirtualHost *:80>
   ServerAdmin mike.ellis@my.email.com
   ServerName jira.testsite.com:80
    <Proxy *>
            Order deny,allow
            Allow from all
    </Proxy>
   Redirect permanent   /       https://linux6898.anprod.com/
   SSLProxyEngine          On
   ProxyRequests           Off
   ProxyPreserveHost       On
   ProxyPass               /       http://linux6898.anprod.com:8080/
   ProxyPassReverse        /       http://linux6898.anprod.com:8080/
   SSLCertificateFile      /etc/httpd/ssl/inux6898.cer
   SSLCertificateKeyFile   /etc/httpd/ssl/inux6898.key
   SSLCertificateChainFile /etc/httpd/ssl/certnew.pem
   RewriteEngine On
   RewriteCond %{HTTPS} off
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
    • With Rewrite rules omitted from the above Apache config, I get the below browsing to port 80 at my test site:
      jira-error.PNG

Answer
Watch
Like Be the first to like this
481 views

1 answer

1 accepted

0 votes
Answer accepted
Mike Ellis5
Mike Ellis October 29, 2014

I have this now working as expected.  The setup using the internal loopback address for Apache access to JIRA so JIRA is not accessible outside the local machine, other than through Apache, which is good for me.  Apache is set to redirect all non-SSL requests to the SSL-protected site and the Base URL has been updated, life is improving.

    • From server.conf
<Connector port="8080"
                   proxyPort="443"
                   scheme="https"
                   proxyName="linux6898.anprod.com"
                   address="127.0.0.1"
                   maxThreads="150"
                   minSpareThreads="25"
                   connectionTimeout="20000"
                   enableLookups="false"
                   maxHttpHeaderSize="8192"
                   protocol="HTTP/1.1"
                   useBodyEncodingForURI="true"
                   redirectPort="8443"
                   acceptCount="100"
                   disableUploadTimeout="true"/>

 

    • Apache VirtualHost configuration
# cat /etc/httpd/conf.d/jira.conf
## JIRA Proxy VirtualHost Configuration
Listen 443
NameVirtualHost *:443
<VirtualHost *:443>
   ServerAdmin mike.ellis@tfcci.com
   ServerName linux6898.anprod.com:443
    <Proxy *>
            Order deny,allow
            Allow from all
    </Proxy>
   SSLProxyEngine          On
   ProxyRequests           Off
   ProxyPreserveHost       On
   ProxyPass               /       http://127.0.0.1:8080/
   ProxyPassReverse        /       http://127.0.0.1:8080/
   SSLCertificateFile      /etc/httpd/ssl/linux6898.cer
   SSLCertificateKeyFile   /etc/httpd/ssl/linux6898.key
   RewriteEngine On
   RewriteCond %{HTTPS} off
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>

NameVirtualHost *:80
<VirtualHost *:80>
   ServerAdmin mike.ellis@tfcci.com
   ServerName linux6898.anprod.com:80
   Redirect permanent  /       https://linux6898.anprod.com/
   RewriteEngine On
   RewriteCond %{HTTPS} off
   RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    <Proxy *>
            Order deny,allow
            Allow from all
    </Proxy>
   SSLProxyEngine          On
   ProxyRequests           Off
   ProxyPreserveHost       On
   ProxyPass               /       http://127.0.0.1:8080/
   ProxyPassReverse        /       http://127.0.0.1:8080/
</VirtualHost>
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events