Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Redirect Jira to HTTPS

Dmitry
Dmitry September 25, 2017

Hello everyone. I would like redirect http://atlassian-test:8080/ to https://atlassian-test/  but redirect doesn't work. I've set up Apache for https. Both links are working.

I've tried defferent redirectPort in server.xml (8443 and 443).

Where is my error? Please, assist!

I have SLES 12 SP1, Apache 2.4, Jira Software 7.4.3.

Part of config file /opt/atlassian/jira/conf/server.xml

<Service name="Catalina">

<Connector port="8080"

maxThreads="150"
 minSpareThreads="25"
 connectionTimeout="20000"
 enableLookups="false"
 maxHttpHeaderSize="8192"
 protocol="HTTP/1.1"
 useBodyEncodingForURI="true"
 redirectPort="8443"
 acceptCount="100"
 disableUploadTimeout="true"
 scheme="https"
 proxyName="atlassian-test"
 proxyPort="443"
 bindOnInit="false"
 secure="true"/>

config file /etc/apache2/vhosts.d/proxy-host.conf 

<VirtualHost *:443>
 ServerAdmin admin@example.ru
 ServerName atlassian-test
 DocumentRoot /srv/www/
 ErrorLog /var/log/apache2/proxy-host.log
 CustomLog /var/log/apache2/proxy-host_access.log combined
 ProxyRequests off
 ProxyPreserveHost On
 <Proxy *>
 Require all granted
 </Proxy>
 ProxyPass / http://atlassian-test:8080/
 ProxyPassReverse / http://atlassian-test:8080/
 SSLEngine on
 SSLProxyEngine On
 SSLCertificateFile /etc/apache2/ssl/ca.crt
 SSLCertificateKeyFile /etc/apache2/ssl/ca.key
 HostnameLookups Off
 UseCanonicalName Off
 ServerSignature On
 ScriptAlias /cgi-bin/ "/srv/www/vhosts/dummy-host.example.com/cgi-bin/"
 <Directory "/srv/www/vhosts/dummy-host.example.com/cgi-bin">
 AllowOverride None
 Options +ExecCGI -Includes
 <IfModule !mod_access_compat.c>
 Require all granted
 </IfModule>
 <IfModule mod_access_compat.c>
 Order allow,deny
 Allow from all
 </IfModule>
 </Directory>
</VirtualHost>
<VirtualHost *:8080>
 ServerName atlassian-test
 Redirect / https://atlassian-test/
</VirtualHost>

 

Answer
Watch
Like Be the first to like this
6524 views

1 answer

1 vote
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
September 25, 2017

I've used rewrites instead of redirects, as I never quite got the redirect correct.

I'm using the below instead of your Redirect line, one up from the bottom of your posted code

RewriteEngine on
RewriteCond %{SERVER_NAME} =atlassian-test
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

View More Comments
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 25, 2017

Nic is on the right path there. 

You need Jira's Tomcat instance to be hosted on some port.  It doesn't have to be 8080, but it does have to be some unique and unused port number.  If you're using a reverse proxy like Apache in front of Jira, then those steps will work to redirect requests made at

http://atlassian-test.example.com

But this won't redirect requests made at just hostname:8080 port of your Jira machine.  You actually don't want those specific ones redirected because that web traffic still needs some way to get from your proxy to Jira.  Your proxy still needs to communicate with the Tomcat instance that Jira is using.   Right now your Jira is configured to serve up it's site on port 8080.

But the use of the reverse proxy can take requests made to  http://atlassian-test.example.com (http://atlassian-test.example.com:8080) and in turn alter them to use the HTTPS protocol instead. 

What DNS value does 'atlassian-test' resolve to?  The IP of your Jira instance?  Or the IP of your server running Apache?

If it's Apache, then I'd recommend following this guide: Integrating Jira with Apache using SSL document.

If it's the Jira instance, then you're probably going to want to push users to connect to the fully qualified domain name that directs this content first to the Apache server.   From that point you can then follow this guide to have Apache redirect/rewrite these requests.

Like
Dmitry
Dmitry September 26, 2017

Thank you for your answer!

@Nic Brough -Adaptavist-, I put your code in the config file /etc/apache2/vhosts.d/proxy-host.conf like this: 

<VirtualHost *:8080>
RewriteEngine on
RewriteCond %{SERVER_NAME} =atlassian-test
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

, restart apache and redirect doesn't work :-(

@Andy Heinzer, I have three applications installed on the one server: Jira, Confluence and Bitbucket. Apache is installed on the same server. Server's DNS-name resolved to local area IP-address (and with domain suffix as well). Atlassian server have to be accesible only inside our company.

So I would like to set up SSL on three application with redirect:

http://atlassian-test: 8080 to https://atlassian-test/ or https://atlassian-test/jira

and http://atlassian-test:8090 to https://atlassian-test/confluence/

and http://atlassian-test:7990 to https://atlassian-test/bitbucket/

Or something like that.

Of course, I've made SSL according to Integrating Jira with Apache using SSL document.

Like
Nic Brough -Adaptavist-
Nic Brough -Adaptavist-
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
Become a leader
September 26, 2017

Mmm, ok.  I was suggesting to replace just the last line, but here's my full definition (using atlassian-test).  I imagine it will work for post 8080, and I suspect the missing bit on your side is simply the ServerName, from the descriptive comment below it.

<VirtualHost *:80>
        ServerName atlassian-test
    # the server uses to identify itself. This is used when creating
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =atlassian-test
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>
Like
Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira Software
TAGS
AUG Leaders

Atlassian Community Events

    See all events