We're having some issues with a specific setup where we use Azure AD Application Proxy to allow all users to access the Jira site without VPN by first logging into Azure AD.
This all works fine except for some specific cases.
The Azure Proxy is setup as follows: jira.mysite.com (external URL) directs to the proxy which directs to jira.mysite.internal (Internal URL) which points to the IP of the server. All users should access the Jira via the jira.mysite.com and not use the internal URL.
Is there a way to tell Jira not to go to jira.mysite.com but directly to itself as in the IP address to load gadgets, and all the other cool stuff?
I tried changing the /etc/hosts file on Linux to point jira.mysite.com to the IP address of itself, but that doesn't seem to do anything for the gadgets.
Anyone have experience with this or an idea of how to approach this?
Thanks in advance8
For those interested, we've managed to resolve this problem by using the following setup:
Generally we still advise our users to use the company VPN for optimal experience. If the don't, they need to keep the following into account:
We used the documentation from Atlassian: https://confluence.atlassian.com/kb/securing-your-atlassian-applications-with-apache-using-ssl-838284349.html
On the Application Proxy you need to provide a PFX file which holds the details of the certificates that apache proxy is working with. This will make sure that both the application proxy as any other direct traffic is all running securely over SSL.