Redirect Jira to HTTPS

Hello everyone. I would like redirect http://atlassian-test:8080/ to https://atlassian-test/  but redirect doesn't work. I've set up Apache for https. Both links are working.

I've tried defferent redirectPort in server.xml (8443 and 443).

Where is my error? Please, assist!

I have SLES 12 SP1, Apache 2.4, Jira Software 7.4.3.

Part of config file /opt/atlassian/jira/conf/server.xml

<Service name="Catalina">

<Connector port="8080"

maxThreads="150"
minSpareThreads="25"
connectionTimeout="20000"
enableLookups="false"
maxHttpHeaderSize="8192"
protocol="HTTP/1.1"
useBodyEncodingForURI="true"
redirectPort="8443"
acceptCount="100"
disableUploadTimeout="true"
scheme="https"
proxyName="atlassian-test"
proxyPort="443"
bindOnInit="false"
secure="true"/>

config file /etc/apache2/vhosts.d/proxy-host.conf 

<VirtualHost *:443>
ServerAdmin admin@example.ru
ServerName atlassian-test
DocumentRoot /srv/www/
ErrorLog /var/log/apache2/proxy-host.log
CustomLog /var/log/apache2/proxy-host_access.log combined
ProxyRequests off
ProxyPreserveHost On
<Proxy *>
Require all granted
</Proxy>
ProxyPass / http://atlassian-test:8080/
ProxyPassReverse / http://atlassian-test:8080/
SSLEngine on
SSLProxyEngine On
SSLCertificateFile /etc/apache2/ssl/ca.crt
SSLCertificateKeyFile /etc/apache2/ssl/ca.key
HostnameLookups Off
UseCanonicalName Off
ServerSignature On
ScriptAlias /cgi-bin/ "/srv/www/vhosts/dummy-host.example.com/cgi-bin/"
<Directory "/srv/www/vhosts/dummy-host.example.com/cgi-bin">
AllowOverride None
Options +ExecCGI -Includes
<IfModule !mod_access_compat.c>
Require all granted
</IfModule>
<IfModule mod_access_compat.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
</VirtualHost>
<VirtualHost *:8080>
ServerName atlassian-test
Redirect / https://atlassian-test/
</VirtualHost>

 

1 answer

This widget could not be displayed.

I've used rewrites instead of redirects, as I never quite got the redirect correct.

I'm using the below instead of your Redirect line, one up from the bottom of your posted code

RewriteEngine on
RewriteCond %{SERVER_NAME} =atlassian-test
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]

Nic is on the right path there. 

You need Jira's Tomcat instance to be hosted on some port.  It doesn't have to be 8080, but it does have to be some unique and unused port number.  If you're using a reverse proxy like Apache in front of Jira, then those steps will work to redirect requests made at

http://atlassian-test.example.com

But this won't redirect requests made at just hostname:8080 port of your Jira machine.  You actually don't want those specific ones redirected because that web traffic still needs some way to get from your proxy to Jira.  Your proxy still needs to communicate with the Tomcat instance that Jira is using.   Right now your Jira is configured to serve up it's site on port 8080.

But the use of the reverse proxy can take requests made to  http://atlassian-test.example.com (http://atlassian-test.example.com:8080) and in turn alter them to use the HTTPS protocol instead. 

What DNS value does 'atlassian-test' resolve to?  The IP of your Jira instance?  Or the IP of your server running Apache?

If it's Apache, then I'd recommend following this guide: Integrating Jira with Apache using SSL document.

If it's the Jira instance, then you're probably going to want to push users to connect to the fully qualified domain name that directs this content first to the Apache server.   From that point you can then follow this guide to have Apache redirect/rewrite these requests.

Thank you for your answer!

@Nic Brough [Adaptavist], I put your code in the config file /etc/apache2/vhosts.d/proxy-host.conf like this: 

<VirtualHost *:8080>
RewriteEngine on
RewriteCond %{SERVER_NAME} =atlassian-test
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

, restart apache and redirect doesn't work :-(

@Andrew Heinzer, I have three applications installed on the one server: Jira, Confluence and Bitbucket. Apache is installed on the same server. Server's DNS-name resolved to local area IP-address (and with domain suffix as well). Atlassian server have to be accesible only inside our company.

So I would like to set up SSL on three application with redirect:

http://atlassian-test: 8080 to https://atlassian-test/ or https://atlassian-test/jira

and http://atlassian-test:8090 to https://atlassian-test/confluence/

and http://atlassian-test:7990 to https://atlassian-test/bitbucket/

Or something like that.

Of course, I've made SSL according to Integrating Jira with Apache using SSL document.

Mmm, ok.  I was suggesting to replace just the last line, but here's my full definition (using atlassian-test).  I imagine it will work for post 8080, and I suspect the missing bit on your side is simply the ServerName, from the descriptive comment below it.

<VirtualHost *:80>
        ServerName atlassian-test
    # the server uses to identify itself. This is used when creating
    # specifies what hostname must appear in the request's Host: header to
    # match this virtual host. For the default virtual host (this file) this
    # value is not decisive as it is used as a last resort host regardless.
    # However, you must set it for any further virtual host explicitly.

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

    # For most configuration files from conf-available/, which are
    # enabled or disabled at a global level, it is possible to
    # include a line for only one particular virtual host. For example the
    # following line enables the CGI configuration for this host only
    # after it has been globally disabled with "a2disconf".
    #Include conf-available/serve-cgi-bin.conf
RewriteEngine on
RewriteCond %{SERVER_NAME} =atlassian-test
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
</VirtualHost>

Suggest an answer

Log in or Sign up to answer
Atlassian Summit 2018

Meet the community IRL

Atlassian Summit is an excellent opportunity for in-person support, training, and networking.

Learn more
Community showcase
Posted Wednesday in New to Jira

Are you planning to trial, or are currently trialling Jira Software? - We want to talk to you!

Hello! I'm Rayen, a product manager at Atlassian. My team and I are working hard to improve the trial experience for Jira Software Cloud. We are interested in   talking to 20 people planning t...

97 views 1 0
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you