Jira ports redirecting Edited

Hi all!
I have some issue about port redirecting with our jira. Wen yuo going to http://jira.mydomain.com it will redirect you to https://jira.mydomain.com and its nice. But if you will go to jira.mydomain.com:8080 you will get connection over 8080 port without redirecting to https. I am new in atlassian product so I ask for advice.
Our Vhosts:

VirtualHost *:443>
ServerName jira.mydomain.com
ProxyRequests Off
ProxyPreserveHost Off
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
RemoteIPHeader X-Forwarded-For
SSLEngine On
SSLCertificateFile /data/ssl/jira.mydomain.com--2017.09.15--crt.txt
SSLCertificateKeyFile /data/ssl/jira.mydomain.com--2017.09.15--key.txt
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>

<VirtualHost *:80>
ServerName jira.mydomain.com
Redirect Permanent / https://jira.mydomain.com/
RemoteIPHeader X-Forwarded-For
</VirtualHost>

Here is server.xml I suppose problem is here

<Service name="Catalina">

<Connector port="8080"

maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"

enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="8443"
acceptCount="100"
disableUploadTimeout="true"
bindOnInit="false"

scheme="https"
proxyName="jira.mydomain.com"
proxyPort="443"
secure="false"
/>

 

2 answers

1 accepted

This widget could not be displayed.
Gonchik Tsymzhitov Community Champion Oct 16, 2017

Hi! 

 

For history I changed added again my comment with right answer.

 

I have tried on VM this command for external interface.

sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 80

 

 

Cheers, 

Gonchik Tsymzhitov

Hi Gonchik,
We too have same issue, but the above command need to run every time after sever restart to take effect.
Do we have any permanent solution?

Regards,

The standard way to do it is with the commands iptables-save and iptables-restore in the shutdown and startup scripts for the machine, but the package iptables-persistent is a nice wrapper that saves you having to do most of the config for them. 

Thank you, Nic.

Is there any alternate solution to redirect to https for the above, instead of changing itables.

This widget could not be displayed.

Try copying the "Virtualhost *:80" to a second one.  Same content, but "Virtualhost *:8080"

Gonchik Tsymzhitov Community Champion Oct 10, 2017

Hi! 

As I understand you are provide very good idea.

if you have issue about port conflicting. Hence you need to set for localhost tomcat connector

<Service name="Catalina">

<Connector port="8080"

maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"

enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="8443"
acceptCount="100"
disableUploadTimeout="true"
bindOnInit="false"

address="127.0.0.1"

scheme="https"
proxyName="jira.mydomain.com"
proxyPort="443"
secure="false"
/>

 and for external ip address for apache2

<VirtualHost EXTERNAL_IP:8080>
ServerName jira.mydomain.com
Redirect Permanent / https://jira.mydomain.com/
RemoteIPHeader X-Forwarded-For
</VirtualHost>

Hence It will works. 

 

Cheers, 

Gonchik Tsymzhitov

Thanks for your help!

But ... it didn't help me (

If I in server.xml set address="127.0.0.1"

http://jira.mydomain.com:8080 telling me that "This site can’t be reached"

And without address only with added Virtualhost 8080

http://jira.mydomain.com:8080 still not redirect me to https, and i don`t understand why 

Try removing the address line from your server.xml, you don't need it.

I tried this one. In this case redirect just not working.

Remove the 8080 from your urls to check that the Jira is running behind the proxy ok first.

Without 8080 everything is OK. 

http://jira.mydomain.com redirecting to https

https://jira.mydomain.com opening normally 

But http://jira.mydomain.com:8080 still not redirect to https

Gonchik Tsymzhitov Community Champion Oct 13, 2017

Hi! 

 

I have tried on VM this command for external interface.

sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 443

 

I hope this way will help for you. 

 

Cheers, 

Gonchik Tsymzhitov

Thanks man! It`s working now ))
But you must redirect 8080 not to 443 or jira will not like it and will show you "Bad request" because you using http and jira need https on 443. So just redirect 8080 to 80 then apache do his work and you will get redirect from 8080 to 443.

Gonchik Tsymzhitov Community Champion Oct 16, 2017

You are welcome:)

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

112 views 2 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you