We've got JIRA, Confluence and FishEye running on the same host. Three service names e.g. jira.example.commap to one IP address. Apache runs on the same server and terminates the SSL connection. We're using different cookie names for each service to avoid getting logged out of one when logging into another.
But we can't see how to get Apache to use the SSL cert with the right name. When I connect to https://conf.example.comApache needs to use the cert for conf.example.com, not the one for jira.example.com.
Does anyone have any suggestions for how to do that? Our Apache doesn't appear to support SNI. The docs seems to suggest using IP based virtual hosts instead of named virtual hosts?
Your right Matt.
We have a single apache install with a virtual IP assigned to ourserver for each app server behind the proxy. We then use IP virtual hosts, with each defining its own ssl config. This approach works without issue for us.
I thought name support was standard as of 2.2.x... what version of Apache are you running?
FYI, configuring Apache to use a single IP address and multiple ssl certs based on the hostname of the virtualhost is easily doable.
Otoh this will currently not work, as the Atlassian products will not be able to make appropriate https calls to those vhosts. The relevant issue is: https://jira.atlassian.com/browse/JRA-24515
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot