Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Next challenges

Recent achievements

  • Global
  • Personal


  • Give kudos
  • Received
  • Given


  • Global

Trophy case

Kudos (beta program)

Kudos logo

You've been invited into the Kudos (beta program) private group. Chat with others in the program, or give feedback to Atlassian.

View group

It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Jira reverse proxy problem Edited

I am in the process of trying to upgrade a 6.4 to current.

The steps I have taken:

1.) Built and patched a new CentOS 7.x box and installed prereqs.

2.) Installed Jira 7.0 onto new box and validated that it is running and accepting connections

3.) Backed up Jira from old box and then imported it into the new Jira. Import went right, and all data was present. Logged into new 7.0 instance with creds from original and saw that all was ok.

4.) Followed instructions from to get apache acting as reverse proxy for the system. Below are config files:


<Service name="Catalina">

<!-- Apache Proxy Connector with values for scheme, proxyName and proxyPort -->
<Connector acceptCount="100"

<!-- Standard HTTP Connector -->
<Connector acceptCount="100"

<Engine defaultHost="localhost" name="Catalina">
<Host appBase="webapps" autoDeploy="true" name="localhost" unpackWARs="true">

<Context path="/jira" docBase="${catalina.home}/atlassian-jira" reloadable="false" useHttpOnly="true">


Note, you no longer configure your database driver or connection parameters here.
These are configured through the UI during application setup.


<Resource auth="Container" factory="org.objectweb.jotm.UserTransactionFactory" jotm.timeout="60" name="UserTransaction" type="javax.transaction.UserTransaction"/>
<Manager pathname=""/>




ServerRoot "/etc/httpd"

Listen 80

Include conf.modules.d/*.conf
LoadModule proxy_module modules/
LoadModule proxy_http_module modules/
LoadModule proxy_http_module modules/
LoadModule proxy_ajp_module modules/
LoadModule proxy_connect_module modules/
LoadModule substitute_module modules/
LoadModule rewrite_module modules/
LoadModule remoteip_module modules/

IncludeOptional conf.d/*.conf

Jira.conf (located in conf.d/

<VirtualHost *:443>
ServerAlias jira
ErrorLog /var/log/httpd/support-ssl-error.log
CustomLog /var/log/httpd/support-ssl-access.log combined
SSLCertificateFile /certs/server.cer
SSLCertificateKeyFile /certs/server.key
SSLCertificateChainFile /certs/server-ca.cer
SSLEngine on
ProxyRequests off
ProxyPreserveHost on
ProxyPass /jira
ProxyPassReverse /jira

RemoteIPHeader X-Forwarded-For

When I hit the server, the log shows the following:

[Tue Jan 14 11:14:50.661950 2020] [authz_core:debug] [pid 16097] mod_authz_core.c(835): [client] AH01628: authorization result: granted (no directives)
[Tue Jan 14 11:14:50.662170 2020] [proxy:debug] [pid 16097] mod_proxy.c(1123): [client] AH01143: Running scheme http handler (attempt 0)
[Tue Jan 14 11:14:50.662215 2020] [proxy_ajp:debug] [pid 16097] mod_proxy_ajp.c(722): [client] AH00894: declining URL
[Tue Jan 14 11:14:50.662237 2020] [proxy_fcgi:debug] [pid 16097] mod_proxy_fcgi.c(972): [client] AH01076: url: proxyname: (null) proxyport: 0
[Tue Jan 14 11:14:50.662253 2020] [proxy_fcgi:debug] [pid 16097] mod_proxy_fcgi.c(975): [client] AH01077: declining URL
[Tue Jan 14 11:14:50.662276 2020] [proxy:debug] [pid 16097] proxy_util.c(2203): AH00942: HTTP: has acquired connection for (
[Tue Jan 14 11:14:50.662296 2020] [proxy:debug] [pid 16097] proxy_util.c(2256): [client] AH00944: connecting to
[Tue Jan 14 11:14:50.662499 2020] [proxy:debug] [pid 16097] proxy_util.c(2426): [client] AH00947: connected /jira to
[Tue Jan 14 11:14:50.662677 2020] [proxy:debug] [pid 16097] proxy_util.c(2802): AH02824: HTTP: connection established with (
[Tue Jan 14 11:14:50.662717 2020] [proxy:debug] [pid 16097] proxy_util.c(2942): AH00962: HTTP: connection complete to (
[Tue Jan 14 11:14:50.666396 2020] [proxy:debug] [pid 16097] proxy_util.c(2218): AH00943: http: has released connection for (
[Tue Jan 14 11:14:55.671766 2020] [ssl:info] [pid 16097] (70007)The timeout specified has expired: [client] AH01991: SSL input filter read failed.
[Tue Jan 14 11:14:55.671906 2020] [ssl:debug] [pid 16097] ssl_engine_io.c(993): [client] AH02001: Connection closed to child 4 with standard shutdown (server

The browser gives me the following:

If I remove the :80, the thing will iterate a couple times and then eventually display the login page with the error:

JIRA is reporting that it is running on the port '80', which does not match the hostname used to run these diagnostics, '443'.

I can then put my creds in and it will do the :80 thing for three more times and then give me my page.

I have looked at the following:

    with this in mind, I added the following to my conf file:

<VirtualHost *:80>
ServerAlias jira
<Directory />
AllowOverride None
Order allow,deny
allow from all
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)${REQUEST_URI} [R,L]

Still the same issue.

I would be grateful for some pointers.




2 answers

1 accepted

0 votes
Answer accepted

This is solved. I wound up restarting the process and then following again this process:

And then ensured the the process worked for http.

I then followed:

which turned into the tricky part. Since I am an Apache noob, I didn't really understand where to put the directives for the SSL portion. I had been loading them into the same conf file as the http stuff, but that wasn't working when I originally did it. This time, I added the directives to the default ssl.conf file and the thing worked.

I *THINK* that I can just go straight SSL by putting the SSL stuff into the jira.conf file, but I am not sure how to exclude the default ssl file without breaking Apache. I'll play with that later.

0 votes


#1 localhost is not always Check is localhost is always resolved to

#2 Use as the proxy name when setting up the connector.

Please reread

as there are some more bugs in your configuration on the Apache side.

Make sure your SSL/TLS settings of the Apache work without proxying to Jira.



JP -

Thank you for the reply. It was my intention to replace my actual hostname/FQDN infor with but I guess that I didn't sanitize well enough.
I verified that is localhost in the hosts file is set as the proxy name in the connector.

Now, one thing is that I didn't change any of the other parameters to <default>. I left them as they were from the install. Should I change them to match the guide? e.g.:

<Connector port=<default>

WRT the Apache config, I am not sure what those bugs are - I am not Apache savvy. As near as I can tell I have it set exactly as it should be according to the guide.

I think that the SSL portion does work because when the page does come up, the page is properly secured with the SSL cert. Other than that, I am not sure how to test it.

Thank you again

Suggest an answer

Log in or Sign up to answer

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you